On Thu, Jun 19, 2014, at 18:23, Antoine Pitrou wrote: > > > Le 19/06/2014 21:13, Nick Coghlan a écrit : > > A colleague spotted a possible security issue with one of the CPython > > workflow tools (specifically with the configuration of our > > installation, rather than with the upstream project), and would like > > to know where to report it securely. > > > > Currently the developer guide covers CPython itself > > (secur...@python.org), and infrastruct...@python.org is the likely > > place for the main PSF infrastructure, but it isn't clear where such > > problems with the CPython worfklow tools should be reported. > > I think security@ is fine. > infrastructure@ is not, since anyone can read it.
There's also infrastructure-st...@python.org, which is private, but they don't own much of the CPython developer infra. If it's the tracker, for example, you're better off emailing Martin/bitdancer/Ezio privately. _______________________________________________ python-committers mailing list python-committers@python.org https://mail.python.org/mailman/listinfo/python-committers
