Participants
Lamar Owen
Lamar Owen
Bruce Momjian
Bruce Momjian
Neil Conway
Neil Conway
Vince Vielhaber
Vince Vielhaber
Attachments

No attachments in this thread

Thread Outline
#1...#3
Bruce MomjianLamar Owen
Aug 22, 2002
#1Bruce MomjianBruce Momjian
Aug 22, 2002
#2Lamar OwenLamar Owento Bruce Momjian (#1)
Aug 23, 2002
#3Bruce MomjianBruce Momjianto Lamar Owen (#2)
Aug 23, 2002
#4Lamar OwenLamar Owento Bruce Momjian (#3)
Aug 23, 2002
#5Bruce MomjianBruce Momjianto Lamar Owen (#4)
Aug 23, 2002
#6Lamar OwenLamar Owento Bruce Momjian (#5)
Aug 23, 2002
#7Lamar OwenLamar Owento Bruce Momjian (#5)
Aug 23, 2002
#8...#9
Neil ConwayLamar Owen
to Lamar Owen (#4)
Aug 23, 2002
#8Neil ConwayNeil Conwayto Lamar Owen (#4)
Aug 23, 2002
#9Lamar OwenLamar Owento Neil Conway (#8)
Aug 23, 2002
#10Vince VielhaberVince Vielhaberto Bruce Momjian (#3)
Aug 23, 2002

My head is spinning

Started by Bruce Momjianover 23 years ago10 messages
#1Bruce Momjian
Bruce Momjian
pgman@candle.pha.pa.us

There is so much going on, I am having trouble keeping things straight.
Just thought I would let everyone know. ;-)

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
#2Lamar Owen
Lamar Owen
lamar.owen@wgcr.org
In reply to: Bruce Momjian (#1)
Re: My head is spinning

On Thursday 22 August 2002 06:07 pm, Bruce Momjian wrote:

There is so much going on, I am having trouble keeping things straight.
Just thought I would let everyone know. ;-)

Quite busy, eh? :-)

Hey, Bruce, gyroscopes spin to keep them stable.....
--
Lamar Owen
WGCR Internet Radio
1 Peter 4:11

#3Bruce Momjian
Bruce Momjian
pgman@candle.pha.pa.us
In reply to: Lamar Owen (#2)
Re: My head is spinning

Lamar Owen wrote:

On Thursday 22 August 2002 06:07 pm, Bruce Momjian wrote:

There is so much going on, I am having trouble keeping things straight.
Just thought I would let everyone know. ;-)

Quite busy, eh? :-)

Yep. I don't know where to start.

Hey, Bruce, gyroscopes spin to keep them stable.....

That doesn't seem to work for me.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
#4Lamar Owen
Lamar Owen
lamar.owen@wgcr.org
In reply to: Bruce Momjian (#3)
Re: My head is spinning

On Thursday 22 August 2002 10:40 pm, Bruce Momjian wrote:

Lamar Owen wrote:

On Thursday 22 August 2002 06:07 pm, Bruce Momjian wrote:

There is so much going on, I am having trouble keeping things straight.
Just thought I would let everyone know. ;-)

Quite busy, eh? :-)

Yep. I don't know where to start.

Well, Ok, I think we're going in the right direction. The one thing I would
like to see is a release target for 7.2.2. There is a substantial interest
in our userbase for this, judging from a thread among OpenACS developers.
Thus far it's not hit bigger news sites -- but I can tell you right now, with
my media experience, that people will assume the worst -- and if/when this
hits slashdot, we really need a response to 'whence 7.2.2'. BugTraq's one
thing -- slashdot is another thing entirely. I'm quite surprized, in fact,
it hasn't hit Linux Today, slashdot, or Linux Weekly News. When/if it does,
*SHA-ZAM*. I'd personally like the news item to read 'PostgreSQL developers
release security update' rather than 'Security hole found in PostgreSQL'.

If push comes to shove I can push RPM's out Saturday, if the tarball is ready.
If not, Monday morning at the earliest.

Hey, Bruce, gyroscopes spin to keep them stable.....

That doesn't seem to work for me.

Well, we've already seen kudos go out to Marc. I think a round of applause
should also go to some other people -- but in particular Bruce has always
done a fine job of getting the release ready for packaging. Not to take away
from other's efforts, just maybe to help encourage someone else who is
feeling overwhelmed (a couple hundred thousand lines of Fortran, a complete
website redesign, a major renovation, and some major engineering/surveying
work have my attention here... and that's just one job).
--
Lamar Owen
WGCR Internet Radio
1 Peter 4:11

#5Bruce Momjian
Bruce Momjian
pgman@candle.pha.pa.us
In reply to: Lamar Owen (#4)
Re: My head is spinning

Lamar Owen wrote:

On Thursday 22 August 2002 10:40 pm, Bruce Momjian wrote:

Lamar Owen wrote:

On Thursday 22 August 2002 06:07 pm, Bruce Momjian wrote:

There is so much going on, I am having trouble keeping things straight.
Just thought I would let everyone know. ;-)

Quite busy, eh? :-)

Yep. I don't know where to start.

Well, Ok, I think we're going in the right direction. The one thing I would
like to see is a release target for 7.2.2. There is a substantial interest
in our userbase for this, judging from a thread among OpenACS developers.
Thus far it's not hit bigger news sites -- but I can tell you right now, with
my media experience, that people will assume the worst -- and if/when this
hits slashdot, we really need a response to 'whence 7.2.2'. BugTraq's one
thing -- slashdot is another thing entirely. I'm quite surprized, in fact,
it hasn't hit Linux Today, slashdot, or Linux Weekly News. When/if it does,
*SHA-ZAM*. I'd personally like the news item to read 'PostgreSQL developers
release security update' rather than 'Security hole found in PostgreSQL'.

If push comes to shove I can push RPM's out Saturday, if the tarball is ready.
If not, Monday morning at the earliest.

You bring up a good point. We don't want to appear reactive on this, we
want to be proactive. The CVS is all ready for release, so there isn't
anything holding us up except our quality control.

Hey, Bruce, gyroscopes spin to keep them stable.....

That doesn't seem to work for me.

Well, we've already seen kudos go out to Marc. I think a round of applause
should also go to some other people -- but in particular Bruce has always
done a fine job of getting the release ready for packaging. Not to take away
from other's efforts, just maybe to help encourage someone else who is
feeling overwhelmed (a couple hundred thousand lines of Fortran, a complete
website redesign, a major renovation, and some major engineering/surveying
work have my attention here... and that's just one job).

Thanks. It is just that I usually have control over all the open threads
so I can know they are all tied up. Right now, I have a mailbox full of
1/2 discussed items that haven't been resolved. I will need to start
reading all of them tomorrow and try to get closure on them.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
#6Lamar Owen
Lamar Owen
lamar.owen@wgcr.org
In reply to: Bruce Momjian (#5)
Re: My head is spinning

On Thursday 22 August 2002 11:07 pm, Bruce Momjian wrote:

Lamar Owen wrote:

Weekly News. When/if it does, *SHA-ZAM*. I'd personally like the news
item to read 'PostgreSQL developers release security update' rather than
'Security hole found in PostgreSQL'.

You bring up a good point. We don't want to appear reactive on this, we
want to be proactive. The CVS is all ready for release, so there isn't
anything holding us up except our quality control.

As to QA, I have REL7_2_STABLE coming down my dialup now. I'll try a test
build (given the CVS versus dist tarball quirks -- I really need to duplicate
the distribution scripts Marc has so that I can preroll tarballs from CVS
here...) tonight or tomorrow and see where it leads. My biggest difficulty
is merging any necessary RPM-specific patches -- and I have a couple of new
ones to put in, particularly a set of ones to contrib from Peter that I've
not yet merged in.

Thanks. It is just that I usually have control over all the open threads
so I can know they are all tied up. Right now, I have a mailbox full of
1/2 discussed items that haven't been resolved. I will need to start
reading all of them tomorrow and try to get closure on them.

Keeping 7.3 and 7.2.2 issues separate is going to be a challenge -- but we
always knew there'd be this possibility. I _know_ my build environment isn't
set up to parallel QA releases. And with Sep 1 nearing, I really need to get
my act together on building pre-7.3...
--
Lamar Owen
WGCR Internet Radio
1 Peter 4:11

#7Lamar Owen
Lamar Owen
lamar.owen@wgcr.org
In reply to: Bruce Momjian (#5)
Re: My head is spinning

On Thursday 22 August 2002 11:07 pm, Bruce Momjian wrote:

Lamar Owen wrote:

Weekly News. When/if it does, *SHA-ZAM*. I'd personally like the news
item to read 'PostgreSQL developers release security update' rather than
'Security hole found in PostgreSQL'.

You bring up a good point. We don't want to appear reactive on this, we
want to be proactive. The CVS is all ready for release, so there isn't
anything holding us up except our quality control.

Well, it _has_ been placed on LWN under the moniker 'Multiple buffer overflows
in PostgreSQL'. Not good, as everyone who claims to be a security expert
*knows* that all buffer overflows are the bane of a secure system.... It
isn't a headline item, though -- which is why it took me a minute to find it.

But even LWN isn't slashdot. It would be nice if we've dodged that bullet.
--
Lamar Owen
WGCR Internet Radio
1 Peter 4:11

#8Neil Conway
Neil Conway
neilc@samurai.com
In reply to: Lamar Owen (#4)
Re: My head is spinning

Lamar Owen <lamar.owen@wgcr.org> writes:

BugTraq's one thing -- slashdot is another thing entirely. I'm
quite surprized, in fact, it hasn't hit Linux Today, slashdot, or
Linux Weekly News.

I'd be very surprised if it is mentioned on Slashdot (LWN + Linuxtoday
carry routine security advisories, so they'll probably have it at some
point). The security problem is *not* that serious.

If push comes to shove I can push RPM's out Saturday, if the tarball
is ready. If not, Monday morning at the earliest.

I'd say release the RPMs when they are ready, a couple days won't make
a big difference either way. Given that the only remotely serious hole
(the datetime bug) has been public knowledge for a matter of weeks,
there's not a lot of point to panicking at this point.

Cheers,

Neil

--
Neil Conway <neilc@samurai.com> || PGP Key ID: DB3C29FC

#9Lamar Owen
Lamar Owen
lamar.owen@wgcr.org
In reply to: Neil Conway (#8)
Re: My head is spinning

On Thursday 22 August 2002 11:42 pm, Neil Conway wrote:

Lamar Owen <lamar.owen@wgcr.org> writes:

If push comes to shove I can push RPM's out Saturday, if the tarball
is ready. If not, Monday morning at the earliest.

I'd say release the RPMs when they are ready, a couple days won't make
a big difference either way. Given that the only remotely serious hole
(the datetime bug) has been public knowledge for a matter of weeks,
there's not a lot of point to panicking at this point.

Oh, I'm not panicking. I just try my best to release RPM's as close to
coincident to the tarball release as possible. Otherwise I get complaints.

And you're right -- the security issue itself isn't that serious (as I have
posted to both BugTraq and the OpenACS forum) -- but remember the mindset of
the typical slashdot reader.
--
Lamar Owen
WGCR Internet Radio
1 Peter 4:11

#10Vince Vielhaber
Vince Vielhaber
vev@michvhf.com
In reply to: Bruce Momjian (#3)
Re: My head is spinning

On Thu, 22 Aug 2002, Bruce Momjian wrote:

Lamar Owen wrote:

Hey, Bruce, gyroscopes spin to keep them stable.....

That doesn't seem to work for me.

Not spinning fast enough? Hey, I know. Let's stand him on his head!

Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: vev@michvhf.com http://www.pop4.net
56K Nationwide Dialup from $16.00/mo at Pop4 Networking
http://www.camping-usa.com http://www.cloudninegifts.com
http://www.meanstreamradio.com http://www.unknown-artists.com
==========================================================================

← Back to Topics