I’m happy to announce the availability of a new mailing list, with the mission
of providing security announcements to the Python community from the Python
Security Response Team (PSRT):
[email protected]
You can sign up in the usual Mailman way:
https://mail.python.org/mailman/listinfo/security-announce
This joins our suite of security related forums. As always, if you believe
you’ve found a security issue in Python, you should contact the PSRT directly
and securely via:
[email protected]
For more information on how you can contact us, see:
https://www.python.org/news/security/
We also have a public security-focused discussion mailing list that you can
subscribe and contribute to.
[email protected]
https://mail.python.org/mailman/listinfo/security-sig
Please don’t report security vulnerabilities here, since this is a publicly
archived mailing list. We welcome you to collaborate here to help make Python
and its ecosystem even more secure than it already is.
Once a security vulnerability is identified and fixed, it becomes public
knowledge. Generally, these are captured in a ReadTheDocs site for posterity:
https://python-security.readthedocs.io/
This new security-announce mailing list fills a void — one-way communication
about security related matters from the PSRT back to the community. This is an
area that we’ve not done a great job at, frankly, and this new announcement
list is intended to improve that situation. The PSRT will use this low
traffic, high value forum as the primary way the PSRT will communicate security
issues of high importance back to the wider Python community. All follow-ups
to postings to this list are redirected to the security-sig mailing list.
Cheers,
-Barry (on behalf of the PSRT)
signature.asc
Description: Message signed with OpenPGP
___
Python-Dev mailing list
[email protected]
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
