In article <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> wrote: > >Who are the appropriate people to report security problems to in >respect of a module included with the Python distribution? I don't >feel it appropriate to be reporting it on general mailing lists.
There is no generally appropriate non-public mechanism for reporting security issues. If you really think this needs to be handled privately, do some research to find out which core developer is most likely to be familiar with it. Even before you do that, check SourceForge to find out whether anyone else has reported it as a bug. -- Aahz ([EMAIL PROTECTED]) <*> http://www.pythoncraft.com/ "19. A language that doesn't affect the way you think about programming, is not worth knowing." --Alan Perlis -- http://mail.python.org/mailman/listinfo/python-list