Re: Security lessons from liblzma

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Bruce Momjian <bruce@momjian.us>
Cc: Andres Freund <andres@anarazel.de>, Michael Banck <mbanck@gmx.net>, Devrim Gündüz <devrim@gunduz.org>, Joe Conway <mail@joeconway.com>, Robert Haas <robertmhaas@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2024-04-01T19:17:55Z
Lists: pgsql-hackers

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Introduce a non-recursive JSON parser

Bruce Momjian <bruce@momjian.us> writes:
> I was more asking if users have access to patches so they could recreate
> the build by using the Postgres git tree and supplied OS-specific
> patches.

AFAIK, every open-source distro makes all the pieces needed to
rebuild their packages available to users.  It wouldn't be much
of an open-source situation otherwise.  You do have to learn
their package build process.

			regards, tom lane