A talk together with Florian Apolloner
Ever thought about what happens when somebody finds a security issue in Django? How does one responsibly disclose the issue? What happens after that? How does the Django team work on it? What happens until a Django security release is published? What comes afterwards? Also, Django is “reassuringly secure”. Let’s look at the history ;-)
We'll give an insight on how the Django team handles security issues, which can serve as a guideline and followed in own projects. We'll will also review the history of Django's security issues to identify hotspots and areas to look out for.