Merged
4 changes: 2 additions & 2 deletions content/posts/join-the-python-security-response-team/index.md
Expand Up @@ -10,7 +10,7 @@ published: true
legacyUrl: /2026/02/join-the-python-security-response-team.html
---

Thanks to the work of the Security Developer-in-Residence Seth Larson, the Python Security Response Team (PSRT) now has an approved public governance document ([PEP 811](https://peps.python.org/pep-0811/)). Following the new governance structure the PSRT now publishes a [public list of members](https://www.python.org/psf/records/board/psrt/), has documented responsibilities for members and admins, and a defined process for onboarding and offboarding members to balance the needs of security and sustainability. The document also clarifies the relationship between the Python Steering Council and the PSRT.
Thanks to the work of the Security Developer-in-Residence Seth Larson, the Python Security Response Team (PSRT) now has an approved public governance document ([PEP 811](https://peps.python.org/pep-0811/)). Following the new governance structure the PSRT now publishes a [public list of members](https://devguide.python.org/developer-workflow/psrt/#members), has documented responsibilities for members and admins, and a defined process for onboarding and offboarding members to balance the needs of security and sustainability. The document also clarifies the relationship between the Python Steering Council and the PSRT.

And this new onboarding process is already working! The PSF Infrastructure Engineer, [Jacob Coffee](https://github.com/JacobCoffee), has just joined the PSRT as the first new non-"Release Manager" member since Seth joined the PSRT in 2023. We expect new members to join further bolstering the sustainability of security work for the Python programming language.

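Review bot: the replacement link in the first paragraph now relies on a fragment (`#members`) on the devguide page; fragment anchors are derived from headings and silently stop resolving when a heading is renamed, so please confirm that `https://devguide.python.org/developer-workflow/psrt/#members` actually lands on the member list today, and consider running a link check on the post before merge. The previous `python.org/psf/records/board/psrt/` URL is dropped outright rather than mentioned anywhere, so if it was ever live, readers who saved it get no pointer to the new location.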
Expand All @@ -22,7 +22,7 @@ Security doesn't happen by accident: it's thanks to the work of volunteers and p

And the PSRT usually can't do this work alone, PSRT coordinators are encouraged to involve maintainers and experts on the projects and submodules. By involving the experts directly in the remediation process ensures fixes adhere to existing API conventions and threat-models, are maintainable long-term, and have minimal impact on existing use-cases.

Sometimes the PSRT even coordinates with other open source projects to avoid catching the Python ecosystem off-guard by publishing a vulnerability advisory that affects multiple other projects. The most recent example of this is [PyPI's ZIP archive differential attack mitigation](https://blog.pypi.org/posts/2025-01-02-zip-archive-differential-attack/).
Sometimes the PSRT even coordinates with other open source projects to avoid catching the Python ecosystem off-guard by publishing a vulnerability advisory that affects multiple other projects. The most recent example of this is [PyPI's ZIP archive differential attack mitigation](https://blog.pypi.org/posts/2025-08-07-wheel-archive-confusion-attacks/).

This work deserves recognition and celebration just like contributions to source code and documentation. Seth and Jacob are developing further improvements to workflows involving "GitHub Security Advisories" to record the reporter, coordinator, and remediation developers and reviewers to CVE and OSV records to properly thank everyone involved in the otherwise private contribution to open source projects.

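Review bot: the link target moves from the `2025-01-02-zip-archive-differential-attack` post to the `2025-08-07-wheel-archive-confusion-attacks` post, but the anchor text is left as "PyPI's ZIP archive differential attack mitigation"; the two slugs name different advisories, so either update the text to match the new target, e.g. `[PyPI's wheel archive confusion attack mitigation](https://blog.pypi.org/posts/2025-08-07-wheel-archive-confusion-attacks/)`, or keep the original URL if the differential-attack post is the example the sentence is meant to cite. In the unchanged context of this hunk, "By involving the experts directly in the remediation process ensures fixes..." lacks a subject; "Involving the experts directly in the remediation process ensures..." would read cleanly if you want to fold that fix into this change.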