How the Django Software Foundation Became a CNA (opens in new tab)

Why the DSF pursued CNA status Django has a long history of responsible security practices: a dedicated, private security mailing list, clear advisory policies, and predictable security releases. Even so, we relied on external organizations to assign . This sometimes introduced administrative delays and extra coordination overhead. Becoming a allows the DSF to: Assign CVEs ourselves for vulnerabilities in Django and selected community projects. Publish advisories more efficiently and in close...