2017-05-10 16:20:38 +02:00
# Security Announcements
2017-02-16 14:09:04 +01:00
2017-05-10 16:20:38 +02:00
## Receiving Security Advisories
2017-02-16 14:09:04 +01:00
2017-05-10 16:20:38 +02:00
The best way to receive any and all security announcements is to subscribe to the [Akka security list ](https://groups.google.com/forum/#!forum/akka-security ).
2017-02-16 14:09:04 +01:00
The mailing list is very low traffic, and receives notifications only after security reports have been managed by the core team and fixes are publicly available.
2017-05-10 16:20:38 +02:00
## Reporting Vulnerabilities
2017-02-16 14:09:04 +01:00
We strongly encourage people to report such problems to our private security mailing list first, before disclosing them in a public forum.
2017-02-15 08:51:36 +01:00
Following best practice, we strongly encourage anyone to report potential security
2017-05-10 16:20:38 +02:00
vulnerabilities to [security@akka.io ](mailto:security@akka.io ) before disclosing them in a public forum like the mailing list or as a Github issue.
2017-02-16 14:09:04 +01:00
Reports to this email address will be handled by our security team, who will work together with you
to ensure that a fix can be provided without delay.
2017-05-10 16:20:38 +02:00
## Security Related Documentation
2017-02-16 14:09:04 +01:00
2017-05-11 17:27:57 +02:00
* @ref: [Disabling the Java Serializer ](../remoting.md#disable-java-serializer )
* @ref: [Remote deployment whitelist ](../remoting.md#remote-deployment-whitelist )
* @ref: [Remote Security ](../remoting.md#remote-security )
2017-02-16 14:09:04 +01:00
2017-05-10 16:20:38 +02:00
## Fixed Security Vulnerabilities
2017-02-16 14:09:04 +01:00
2017-05-10 16:20:38 +02:00
@@toc { depth=1 }
2017-02-16 14:09:04 +01:00
2017-05-10 16:20:38 +02:00
@@@ index
2017-02-16 14:09:04 +01:00
2017-05-10 16:20:38 +02:00
* [2017-02-10-java-serialization ](2017-02-10-java-serialization.md )
@@@
