hawq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roman Shaposhnik <ro...@shaposhnik.org>
Subject Re: Proposal for handling of security vulnerabilities in Apache HAWQ
Date Mon, 13 Feb 2017 01:20:38 GMT
On Fri, Feb 10, 2017 at 5:35 PM, stanly sheng <stanly.sxiang@gmail.com> wrote:
> When HAWQ team commit the fix, everyone can see the commits even no
> references. Will this make the security issue public if the fix is very
> simple ?

True, but that's the only way to deal with this. This is why you MUST commit
and immediately do a release. In fact, your release artifacts should really
be staged when you're doing a commit so you can push a release out ASAP.

Thanks,
Roman.

Mime
View raw message