On Sun, Jan 30, 2005 at 12:55:28PM -0500, Tom Lane wrote:
> We don't really have an official security contact. The next best thing
> is to send such reports to pgsql-core, which is not an open list, but
> will reach a good chunk of those with an interest in fixing such
> problems.
IMHO this fact should be more clearly announced somewhere on the
website. A little phrase like "Please send security vulnerability
reports to [EMAIL PROTECTED]" at the top of the developer's page
should do.
--
Alvaro Herrera (<[EMAIL PROTECTED]>)
"Some men are heterosexual, and some are bisexual, and some
men don't think about sex at all... they become lawyers" (Woody Allen)
---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
