[postgis-devel] PSC Vote add a security at postgis.net

Fri Dec 6 09:43:25 PST 2019

I like this idea too to have a Security.md file and then we can link to that file from the https://postgis.net/support page.

Also are you open to being on the security at postgis.net <mailto:security at postgis.net>  email distribution?

Thanks,

Regina

From: postgis-devel [mailto:postgis-devel-bounces at lists.osgeo.org] On Behalf Of rmrodriguez at carto.com
Sent: Friday, December 6, 2019 5:12 AM
To: PostGIS Development Discussion <postgis-devel at lists.osgeo.org>
Subject: Re: [postgis-devel] PSC Vote add a security at postgis.net

+1 for me too

I'm thinking on having a SECURITY.md similar to https://github.com/standard/.github/blob/master/SECURITY.md in the project's root directory.

On Thursday, December 5, 2019, Paul Ramsey <pramsey at cleverelephant.ca <mailto:pramsey at cleverelephant.ca> > wrote:

On Dec 5, 2019, at 10:34 AM, Regina Obe <lr at pcorp.us <mailto:lr at pcorp.us> > wrote:

Right now when any one has a security issue of a private nature they either don’t know who to send the notice to or send it to whoever they know on the PSC.

I propose we have a  <mailto:security at postgis.net> security at postgis.net  (similar to how other projects had one)

Sounds wise, +1

And state if anyone found a security vulnerability in PostGIS  they can send to this email.

Thoughts?

Also who want to handle security issues – can be more than one of us.

I’m open to it.

OP

Thanks,

Regina

_______________________________________________
postgis-devel mailing list
 <mailto:postgis-devel at lists.osgeo.org> postgis-devel at lists.osgeo.org
 <https://lists.osgeo.org/mailman/listinfo/postgis-devel> https://lists.osgeo.org/mailman/listinfo/postgis-devel

-- 
Raúl Marín Rodríguez
carto.com <http://carto.com> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/postgis-devel/attachments/20191206/fc95b695/attachment-0001.html>