https://oss-security.openwall.org/wiki/mailing-lists/oss-security
The purpose of the Open Source Security (oss-security) group is to encourage public discussion of security flaws, concepts, and practices in the Open Source community. The members of this group include, but are not limited to Open Source projects, distributors, researchers, and developers.