I run several different Open Source products with multiple modules from 3rd party developers.

What I would like to know is what Security sites do you moniter for exploits and vulnerabilities besides the main product site?

Thanks!

http://www.osvdb.org/

bugtraq mailing list is a good bet too, i've got a gmail account dedicated to security mailing list subscriptions