Permalink
Browse files

[1.5.x] Fixed #21121: Added archive of security issues.

Backport of 9d3e60a, 8e134c2, 8b3bae9, c65ae7c, bbabc53,
and a2e25e8 from master.
  • Loading branch information...
freakboy3742 committed Sep 19, 2013
1 parent 87c8de2 commit 75c0aa43d33d1a6e1aad306ea144226843b1edab
Showing with 468 additions and 0 deletions.
  1. +1 −0 docs/index.txt
  2. +6 −0 docs/internals/security.txt
  3. +11 −0 docs/releases/index.txt
  4. +450 −0 docs/releases/security.txt
View
@@ -212,6 +212,7 @@ Security is a topic of paramount importance in the development of Web
applications and Django provides multiple protection tools and mechanisms:
* :doc:`Security overview <topics/security>`
+* :doc:`Disclosed security issues in Django <releases/security>`
* :doc:`Clickjacking protection <ref/clickjacking>`
* :doc:`Cross Site Request Forgery protection <ref/contrib/csrf>`
* :doc:`Cryptographic signing <topics/signing>`
@@ -1,3 +1,5 @@
+.. _internals-security:
+
==========================
Django's security policies
==========================
@@ -124,6 +126,10 @@ may privately contact and discuss those issues with the appropriate
maintainers, and coordinate our own disclosure and resolution with
theirs.
+The Django team also maintains an :doc:`archive of security issues
+disclosed in Django</releases/security>`.
+
+
.. _security-notifications:
Who receives advance notification
View
@@ -98,6 +98,16 @@ Pre-1.0 releases
0.96
0.95
+Security releases
+=================
+
+Whenever a security issue is disclosed via :doc:`Django's security
+policies </internals/security>`, appropriate release notes are now
+added to all affected release series.
+
+Additionally, :doc:`an archive of disclosed security issues
+</releases/security>` is maintained.
+
Development releases
====================
@@ -108,6 +118,7 @@ notes.
.. toctree::
:maxdepth: 1
+ security
1.5-beta-1
1.5-alpha-1
1.4-beta-1
Oops, something went wrong.

0 comments on commit 75c0aa4

Please sign in to comment.