Home > mailing lists

Re: Security lessons from liblzma - Mailing list pgsql-hackers

From	Bruce Momjian
Subject	Re: Security lessons from liblzma
Date	April 1 23:59:51
Msg-id	ZgsgR88DpJ-adS75@momjian.us Whole thread Raw
In response to	Re: Security lessons from liblzma (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Security lessons from liblzma
List	pgsql-hackers

Tree view

On Mon, Apr  1, 2024 at 03:17:55PM -0400, Tom Lane wrote:
> Bruce Momjian <bruce@momjian.us> writes:
> > I was more asking if users have access to patches so they could recreate
> > the build by using the Postgres git tree and supplied OS-specific
> > patches.
> 
> AFAIK, every open-source distro makes all the pieces needed to
> rebuild their packages available to users.  It wouldn't be much
> of an open-source situation otherwise.  You do have to learn
> their package build process.

I wasn't clear if all the projects provide a source tree that can be
verified against the project's source tree, and then independent
patches, or if the patches were integrated and therefore harder to
verify against the project source tree.

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EDB                                      https://enterprisedb.com

  Only you can decide what is important to you.

pgsql-hackers by date:

From: Bruce Momjian
Date: 01 April, 23:58:07
Subject: Re: Security lessons from liblzma

From: Tom Lane
Date: 02 April, 00:00:11
Subject: Re: On disable_cost

Re: Security lessons from liblzma - Mailing list pgsql-hackers

Previous

Next