added 914 characters in body
iteratingself

We create rpm packages of our python toolchain. They are tagged and versioned so that they can be listed as dependencies of the different application rpms.

For getting notified when exploits exist there are RSS feeds, services and products out there that will let you know about exploits. At the very least any admin should probably be following CVE or NVD (which includes CVE).

How to manage exploits in libraries used by your application, but not in the virtualenv? For example ImageMagick, the python executable itself or a system library that python uses. I think your only option is to upgrade the platform, and then do the required vetting of the virtualenv and application.

At my work we create our own package (RPM) which includes python. We are in the same boat if there is a system library security flaw (upgrade the platform, vet the application). However, application libraries or python itself are easily managed as they are in the toolchain package. We simply rev that, run it through our continuous integration build which rebuilds all the projects and generates all new packages for the upgraded toolchain.

There is no vertically integrated solution specific to python or django that I know of.
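The answer above recommends pinning the whole Python toolchain in one versioned package and watching CVE/NVD for anything in it. The script below is an added example, not code from the answer's author: it takes a manifest of what such a toolchain package pins and matches it against CVE records in the shape NVD uses for version ranges (`versionStartIncluding`, `versionEndExcluding`, and so on). The manifest, the `CVE-EXAMPLE-*` identifiers and the ranges are all constructed for illustration; a real run would read the manifest from the toolchain RPM's file list and the records from the NVD feed. Note that a platform library such as ImageMagick is reported as not covered, which is exactly the gap the answer describes.

```python
"""Match a pinned Python toolchain manifest against NVD-style CVE records.

Added example, not from the original answer. Manifest and CVE records are
constructed; CVE-EXAMPLE-* identifiers are placeholders, not real CVEs.
"""
import re

# Constructed: what a versioned toolchain RPM pins (product -> version).
TOOLCHAIN_MANIFEST = {
    "python": "3.8.5",
    "django": "2.2.13",
    "pillow": "7.1.0",
}

# Constructed records using the NVD cpeMatch version-range field names.
CVE_RECORDS = [
    {"id": "CVE-EXAMPLE-0001", "product": "django",
     "versionStartIncluding": "2.2", "versionEndExcluding": "2.2.14"},
    {"id": "CVE-EXAMPLE-0002", "product": "pillow",
     "versionStartIncluding": "7.0.0", "versionEndExcluding": "7.1.0"},
    {"id": "CVE-EXAMPLE-0003", "product": "python",
     "versionStartIncluding": "3.8.0", "versionEndIncluding": "3.8.5"},
    # Platform library, not part of the toolchain package: can't be matched here.
    {"id": "CVE-EXAMPLE-0004", "product": "imagemagick",
     "versionEndExcluding": "7.0.10"},
]


def parse_version(v):
    """Turn '3.8.5' into (3, 8, 5). Non-numeric parts are dropped so the
    comparison is a plain tuple compare; '2.2' < '2.2.13' as NVD intends."""
    return tuple(int(p) for p in re.findall(r"\d+", v))


def in_range(version, rec):
    """True if `version` lies inside the vulnerable range described by `rec`.
    Missing bounds are open-ended, as in NVD."""
    v = parse_version(version)
    if "versionStartIncluding" in rec and v < parse_version(rec["versionStartIncluding"]):
        return False
    if "versionStartExcluding" in rec and v <= parse_version(rec["versionStartExcluding"]):
        return False
    if "versionEndIncluding" in rec and v > parse_version(rec["versionEndIncluding"]):
        return False
    if "versionEndExcluding" in rec and v >= parse_version(rec["versionEndExcluding"]):
        return False
    return True


def affected(manifest, records):
    """Return {cve_id: (product, pinned_version)} for every toolchain
    component whose pinned version falls in a record's vulnerable range."""
    hits = {}
    for rec in records:
        product = rec["product"]
        if product not in manifest:
            continue  # outside the toolchain package: needs a platform upgrade instead
        if in_range(manifest[product], rec):
            hits[rec["id"]] = (product, manifest[product])
    return hits


def uncovered(manifest, records):
    """CVE ids for products the toolchain manifest does not pin at all."""
    return sorted(r["id"] for r in records if r["product"] not in manifest)


if __name__ == "__main__":
    for cve, (product, version) in sorted(affected(TOOLCHAIN_MANIFEST, CVE_RECORDS).items()):
        print(f"{cve}: rev the toolchain, {product} {version} is in the affected range")
    for cve in uncovered(TOOLCHAIN_MANIFEST, CVE_RECORDS):
        print(f"{cve}: not in the toolchain package, check the platform instead")
```

A hit means the toolchain package itself has to be revved and the application packages rebuilt against the new version; an uncovered record is the system-library case the answer says can only be handled by upgrading the platform.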
