[postgis-devel] PSC Vote add a security at postgis.net

Regina Obe lr at pcorp.us
Sat Dec 7 05:30:28 PST 2019

You, strk, and Raul also want to be on the team?


I think only Paul and I answered affirmative to that part (or what I understood to be affirmative).





From: postgis-devel [mailto:postgis-devel-bounces at lists.osgeo.org] On Behalf Of Darafei "Kom?pa" Praliaskouski
Sent: Saturday, December 7, 2019 12:39 AM
To: PostGIS Development Discussion <postgis-devel at lists.osgeo.org>
Subject: Re: [postgis-devel] PSC Vote add a security at postgis.net




+1 (Darafei)

We should define way to handle. In my experience things lead to a trac ticket with description, and a NEWS entry anyway. We may keep it this way - not withholding anything but making it easier for security researchers to ping us, without any subscription/registration.


On Thu, Dec 5, 2019 at 9:35 PM Regina Obe <lr at pcorp.us <mailto:lr at pcorp.us> > wrote:

Right now when any one has a security issue of a private nature they either don’t know who to send the notice to or send it to whoever they know on the PSC.


I propose we have a security at postgis.net <mailto:security at postgis.net>   (similar to how other projects had one)


And state if anyone found a security vulnerability in PostGIS  they can send to this email.



Also who want to handle security issues – can be more than one of us.




postgis-devel mailing list
postgis-devel at lists.osgeo.org <mailto:postgis-devel at lists.osgeo.org> 



Darafei Praliaskouski

Support me: http://patreon.com/komzpa

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/postgis-devel/attachments/20191207/321e778d/attachment.html>

More information about the postgis-devel mailing list