This is an automated email from the ASF dual-hosted git repository.
tqchen pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tvm.git
The following commit(s) were added to refs/heads/main by this push:
new 67627ed821 [DOCS] Clarify loading serialized artifacts requires a
trusted source (#19720)
67627ed821 is described below
commit 67627ed821e57258c4902e67f5dda1b6a06d10ca
Author: Tianqi Chen <[email protected]>
AuthorDate: Wed Jun 10 12:06:59 2026 -0400
[DOCS] Clarify loading serialized artifacts requires a trusted source
(#19720)
Clarify in the Security Guide that loading serialized artifacts must
only be done with input from a trusted source.
---
docs/reference/security.rst | 3 +++
1 file changed, 3 insertions(+)
diff --git a/docs/reference/security.rst b/docs/reference/security.rst
index c044c36bb1..f723ded053 100644
--- a/docs/reference/security.rst
+++ b/docs/reference/security.rst
@@ -51,6 +51,9 @@ RPC data exchange between the tracker, server and client are
in plain-text.
It is recommended to use them under trusted networking environment or
encrypted channels.
+Loading serialized artifacts must only be done with input from a trusted
source.
+
+
Security Advisories
-------------------
