Django and security

Posted by James Bennett on August 7, 2012

Following last week's security releases, we've received a few questions, and also noted some confusion.

To answer those questions and clear up any confusion, today we've added a new section to the Django documentation, outlining Django's security policies in detail. Our hope is for this document to be a one-stop shop for any questions you may have about how the Django project handles security issues; if there's anything missing from it, please let us know. And if you need a convenient, easy-to-remember URL, djangoproject.com/security/ redirects to this document.

In particular, we'd like to encourage all users of Django to read the sections on who receives security notifications, how to request them and what the criteria are for inclusion on our security notification list. For obvious reasons, that list simply cannot include most users of Django, and must be kept small in order to serve its intended purpose.

We also strongly encourage all users of Django to subscribe to the django-announce mailing list, which is a low-traffic list serving only to announce new Django releases.

News & Events

Django and security

Additional Information

Support Django!

Upcoming Events

Archives

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

RSS Feeds

Django Links

Learn More

Get Involved

Get Help

Follow Us

Support Us