hawq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amy Bai <a...@pivotal.io>
Subject Re: Proposal for handling of security vulnerabilities in Apache HAWQ
Date Wed, 15 Feb 2017 03:42:28 GMT
Hi Roman,

Thanks for your comments. I have added HAWQ security reports section in HAWQ
wiki page
to your comments. Please feel free to review the changes and add the
security mailing list for hawq in


On Mon, Feb 13, 2017 at 9:20 AM, Roman Shaposhnik <roman@shaposhnik.org>

> On Fri, Feb 10, 2017 at 5:35 PM, stanly sheng <stanly.sxiang@gmail.com>
> wrote:
> > When HAWQ team commit the fix, everyone can see the commits even no
> > references. Will this make the security issue public if the fix is very
> > simple ?
> True, but that's the only way to deal with this. This is why you MUST
> commit
> and immediately do a release. In fact, your release artifacts should really
> be staged when you're doing a commit so you can push a release out ASAP.
> Thanks,
> Roman.

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message