Hi Discourse Developers and Users,
Some of you probably heard about the recent vBulletin zero-day. I realized that something like can happen to every project - even super modern like Discourse.
I realized that I need to start following security feed / mailing list for every project I use. Even if the project has auto-updates I need to get a message about security vulnerabilities so I can manually check that updates were applied. In case of Discourse I’d rebuild Docker to make sure that my forum won’t get hacked in case of known security issue.
I can’t find a specific feed for security news (and nothing else) at Discourse.
Could you please tell me does Discourse have feed / mailing list / blog category / something that shows only security issues and that I can follow / subscribe so I can quickly get an e-mail / notification in case of zero-day or new version that includes security patches?