[Python-modules-team] No embargo / pre-announce for CVE-2019-3498?
Tim Graham
timograham at gmail.com
Fri Jan 4 21:51:14 GMT 2019
Correct. From the bottom of the blog post:
This issue was publicly reported through a GitHub pull request, therefore
we fixed the issue as soon as possible without the usual prenotification
process
<https://docs.djangoproject.com/en/dev/internals/security/#how-django-discloses-security-issues>
.
<https://www.djangoproject.com/weblog/2019/jan/04/security-releases/#top>
On Fri, Jan 4, 2019, 12:14 PM Chris Lamb <lamby at debian.org wrote:
> Hi Tim,
>
> I just noticed:
>
> https://www.djangoproject.com/weblog/2019/jan/04/security-releases/
>
> … in my RSS reader. Was this sent to the Django security "pre-
> announce" list? :)
>
> If yes, I appear to have been dropped from that list and, if not,
> then I would be curious why!
>
>
> Regards,
>
> --
> ,''`.
> : :' : Chris Lamb
> `. `'` lamby at debian.org / chris-lamb.co.uk
> `-
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/python-modules-team/attachments/20190104/3b25ad54/attachment.html>
More information about the Python-modules-team
mailing list