[EMAIL PROTECTED] > Who are the appropriate people to report security problems to > in respect of a module included with the Python distribution? > I don't feel it appropriate to be reporting it on general mailing > lists.
The Python project has no non-public resources for this. Filing a bug report on SourceForge is the usual approach. If you must, you could send email directly to Guido <mailto:[EMAIL PROTECTED]>. He may or may not have time to follow up on it; public disclosure is the norm in this project. Be forewarned that despite that he currently works for a security startup, his threshold for "security panic" is very high. -- http://mail.python.org/mailman/listinfo/python-list
