[postgis-devel] PSC Vote add a security at postgis.net

Regina Obe lr at pcorp.us
Fri Dec 6 09:43:25 PST 2019

I like this idea too to have a Security.md file and then we can link to that file from the https://postgis.net/support page.


Also are you open to being on the security at postgis.net <mailto:security at postgis.net>  email distribution?






From: postgis-devel [mailto:postgis-devel-bounces at lists.osgeo.org] On Behalf Of rmrodriguez at carto.com
Sent: Friday, December 6, 2019 5:12 AM
To: PostGIS Development Discussion <postgis-devel at lists.osgeo.org>
Subject: Re: [postgis-devel] PSC Vote add a security at postgis.net


+1 for me too


I'm thinking on having a SECURITY.md similar to https://github.com/standard/.github/blob/master/SECURITY.md in the project's root directory.


On Thursday, December 5, 2019, Paul Ramsey <pramsey at cleverelephant.ca <mailto:pramsey at cleverelephant.ca> > wrote:


On Dec 5, 2019, at 10:34 AM, Regina Obe <lr at pcorp.us <mailto:lr at pcorp.us> > wrote:


Right now when any one has a security issue of a private nature they either don’t know who to send the notice to or send it to whoever they know on the PSC.


I propose we have a  <mailto:security at postgis.net> security at postgis.net  (similar to how other projects had one)


Sounds wise, +1


And state if anyone found a security vulnerability in PostGIS  they can send to this email.



Also who want to handle security issues – can be more than one of us.


I’m open to it.






postgis-devel mailing list
 <mailto:postgis-devel at lists.osgeo.org> postgis-devel at lists.osgeo.org
 <https://lists.osgeo.org/mailman/listinfo/postgis-devel> https://lists.osgeo.org/mailman/listinfo/postgis-devel


Raúl Marín Rodríguez
carto.com <http://carto.com> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/postgis-devel/attachments/20191206/fc95b695/attachment-0001.html>

More information about the postgis-devel mailing list