Security email address

author: Tom Christie 2013-05-22 16:45:33 +0100
committer: Tom Christie 2013-05-22 16:45:33 +0100
commit: c55406657d40e12c37a2390bf4b44ae01a356c2a (patch)
tree: 1f7505a8a613271237daf024deff2bb49296b3ac /README.md
parent: 0c2b534d95240c0e08f9af261f676447d3a3ab57 (diff)
download: django-rest-framework-c55406657d40e12c37a2390bf4b44ae01a356c2a.tar.bz2
1 files changed, 7 insertions, 0 deletions
diff --git a/README.md b/README.md
index 5d1631d4..94996c39 100644
--- a/README.md
+++ b/README.md
@@ -102,6 +102,12 @@ For questions and support, use the [REST framework discussion group][group], or
 
 You may also want to [follow the author on Twitter][twitter].
 
+# Security
+
+If you believe you’ve found something in Django REST framework which has security implications, please **do not raise the issue in a public forum**.
+
+Send a description of the issue via email to [rest-framework-security@googlegroups.com][security-mail].  The project maintainers will then work with you to resolve any issues where required, prior to any public disclosure.
+
 # License
 
 Copyright (c) 2011-2013, Tom Christie
@@ -149,3 +155,4 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 [pyyaml]: http://pypi.python.org/pypi/PyYAML
 [defusedxml]: https://pypi.python.org/pypi/defusedxml
 [django-filter]: http://pypi.python.org/pypi/django-filter
+[security-mail]: mailto:rest-framework-security@googlegroups.com
author	Tom Christie	2013-05-22 16:45:33 +0100
committer	Tom Christie	2013-05-22 16:45:33 +0100
commit	c55406657d40e12c37a2390bf4b44ae01a356c2a (patch)
tree	1f7505a8a613271237daf024deff2bb49296b3ac /README.md
parent	0c2b534d95240c0e08f9af261f676447d3a3ab57 (diff)
download	django-rest-framework-c55406657d40e12c37a2390bf4b44ae01a356c2a.tar.bz2