We release patches for security vulnerabilities for the latest release.
If you discover a security vulnerability, please email the maintainers (or open a private security advisory on GitHub). Do not open a public issue.
Include:
- a description of the vulnerability
- steps to reproduce
- potential impact
We'll respond as soon as we can and keep you updated on progress.