I'm not aware of any timing attacks against Django.
If there are attacks that we should be aware of please be a good open source citizen and report them to `security@djangoproject.com`. We take security reports very seriously, and want very much to fix any issues that're disclosed!
[edit to clarify: I'm one of the lead developers of Django, and one of the members of the security team that gets emails sent to the `security@` alias.]
5 comments
[ 2.5 ms ] story [ 7.6 ms ] threadIf there are attacks that we should be aware of please be a good open source citizen and report them to `security@djangoproject.com`. We take security reports very seriously, and want very much to fix any issues that're disclosed!
[edit to clarify: I'm one of the lead developers of Django, and one of the members of the security team that gets emails sent to the `security@` alias.]
[0]: http://code.google.com/p/django-brutebuster/