Thank you very much for your prompt response.
Jérémi
-----Original Message-----
From: Tom Lane <tgl@sss.pgh.pa.us>
Sent: September 26, 2019 12:34 PM
To: Potvin, Jérémi <Jeremi.Potvin@cra-arc.gc.ca>
Cc: pgsql-novice@lists.postgresql.org
Subject: Re: Security question
=?iso-8859-1?Q?Potvin=2C_J=E9r=E9mi?= <Jeremi.Potvin@cra-arc.gc.ca> writes:
> I would like to know what's the best way to track PostgreSQL security patches / CVE notifications.
> Should I subscribe to any particular mailing list(s)? RSS feed(s)?
pgsql-announce is what to read for release notices.
> I just want to make sure I get notified as soon as possible whenever a security vulnerability is identified with
PostgreSQL.
Our release notices generally mention any new CVEs fixed in a release set.
For historical data see
https://www.postgresql.org/support/security/
regards, tom lane