# Security Announcements

## Receiving Security Advisories

The best way to receive any and all security announcements is to subscribe to the [Akka security list](https://groups.google.com/forum/#!forum/akka-security).

The mailing list is very low traffic, and receives notifications only after security reports have been managed by the core team and fixes are publicly available.

## Reporting Vulnerabilities

We strongly encourage people to report such problems to our private security mailing list first, before disclosing them in a public forum.

Following best practice, we strongly encourage anyone to report potential security 
vulnerabilities to [security@akka.io](mailto:security@akka.io) before disclosing them in a public forum like the mailing list or as a Github issue.

Reports to this email address will be handled by our security team, who will work together with you
to ensure that a fix can be provided without delay.

## Security Related Documentation

 * @ref:[Disabling the Java Serializer](../remoting.md#disable-java-serializer)
 * @ref:[Remote deployment whitelist](../remoting.md#remote-deployment-whitelist)
 * @ref:[Remote Security](../remoting.md#remote-security)

## Fixed Security Vulnerabilities

@@toc { depth=1 }

@@@ index

* [2017-02-10-java-serialization](2017-02-10-java-serialization.md)

@@@