Discourse security announcements

Hi Discourse Developers and Users,

Some of you probably heard about the recent vBulletin zero-day. I realized that something like can happen to every project - even super modern like Discourse.

I realized that I need to start following security feed / mailing list for every project I use. Even if the project has auto-updates I need to get a message about security vulnerabilities so I can manually check that updates were applied. In case of Discourse I’d rebuild Docker to make sure that my forum won’t get hacked in case of known security issue.

I can’t find a specific feed for security news (and nothing else) at Discourse.

Could you please tell me does Discourse have feed / mailing list / blog category / something that shows only security issues and that I can follow / subscribe so I can quickly get an e-mail / notification in case of zero-day or new version that includes security patches?

Thank you

Matt

1 Like

Here it is

2 Likes

For some reason I couldn’t find that one. Thank you. RSS feed is the best option:
https://github.com/discourse/discourse/search?utf8=✓&q=SECURITY&type=Commits

1 Like