Home > mailing lists

Re: CVE Links are broken on the PG 10.1 news page - Mailing list pgsql-www

From	Jonathan S. Katz
Subject	Re: CVE Links are broken on the PG 10.1 news page
Date	November 10, 2017 22:55:21
Msg-id	EB171448-8F3B-4AFA-88EE-73D8BE8A1C32@postgresql.org Whole thread Raw
In response to	Re: CVE Links are broken on the PG 10.1 news page (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: CVE Links are broken on the PG 10.1 news page (Magnus Hagander <magnus@hagander.net>)
List	pgsql-www

Tree view

> On Nov 10, 2017, at 11:32 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> Magnus Hagander <magnus@hagander.net> writes:
>> On Fri, Nov 10, 2017 at 2:56 PM, Daniel Gustafsson <daniel@yesql.se> wrote:
>>> On 10 Nov 2017, at 12:14, Damien Clochard <damien@dalibo.info> wrote:
>>>> The 3 CVE links lead to a 404 page on RH website :
>>>> https://access.redhat.com/security/cve/CVE-2017-12172
>>>> https://access.redhat.com/security/cve/CVE-2017-15098
>>>> https://access.redhat.com/security/cve/CVE-2017-15099
>
>>> Even better would probably be to not make them actual links until the
>>> target URL exists.
>
>> We used to do it that way. Which then meant they usually didn't get updated
>> until the next round of releases, because it got forgotten :/
>
> FWIW, I see that -12172 just got de-embargoed.  Probably the other two
> will follow shortly.

Interestingly enough, when I checked post-release yesterday, they were available, so they must have been re-embargoed
shortlythereafter. 

Jonathan

pgsql-www by date:

From: Tom Lane
Date: 10 November 2017, 22:32:30
Subject: Re: CVE Links are broken on the PG 10.1 news page

From: Magnus Hagander
Date: 10 November 2017, 23:29:59
Subject: Re: CVE Links are broken on the PG 10.1 news page

Re: CVE Links are broken on the PG 10.1 news page - Mailing list pgsql-www

Previous

Next