On Fri, Feb 10, 2017 at 5:35 PM, stanly sheng <[email protected]> wrote: > When HAWQ team commit the fix, everyone can see the commits even no > references. Will this make the security issue public if the fix is very > simple ?
True, but that's the only way to deal with this. This is why you MUST commit and immediately do a release. In fact, your release artifacts should really be staged when you're doing a commit so you can push a release out ASAP. Thanks, Roman.
