We don't want to release Tails ISO's and learn 2 days later about important security issues fixed by Debian security updates. The following set of tools should be enough to avoid such bad timing, e.g. by delaying a Tails release a bit to wait for a DSA to happen.

Debian security team

Security tracker

The Debian security tracker's GIT repository is the main place where Debian tracks the status of security issues.

We can look at the list of upcoming Debian Security Advisories (DSA).

There is also a mailing list that broadcasts changes to this repository.