On Wed, Nov 20, 2024 at 07:40:36PM -0700, David G. Johnston wrote:
> On Wed, Nov 20, 2024 at 7:18 PM Bruce Momjian <bruce@momjian.us> wrote:
>
> so when we decided to remove the downloads
>
>
> Can you elaborate on who "we" is here?
>
> I don't recall this event happening.
Uh, I only see 17.0 available for Windows, MacOS, and all EDB downloads,
not 17.1:
https://www.enterprisedb.com/downloads/postgres-postgresql-downloads
I am not sure if other distributions removed 17.1.
> I suppose "encouraging people to wait" is arguably a bad position to take
> compared to directing them to a page on our wiki where the risk factors are
> laid out so they can make an informed decision based upon their situation. But
> that seems like a person-to-person matter and not something the project can
> take responsibility for or control. So, "immediately create a wiki page when
> PR-level problems arise" could be added to the "could have done better" list,
> so people have a URL to send instead of off-the-cuff advice.
Interesting.
> Obviously "alter role set role" is a quite common usage in our community yet we
> lack any regression or tap tests exercising it. That we could have done better
> and caught the bug in the CVE fix.
Yes, I saw a lot of reports about this failure.
--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EDB https://enterprisedb.com
When a patient asks the doctor, "Am I going to die?", he means
"Am I going to die soon?"
