Security fixes are released from the current release line. Older releases do not receive backports.
| Release line | Status |
|---|---|
| Latest | supported |
| Older | unsupported |
Report vulnerabilities through GitHub Security Advisories:
Include the affected version, operating system, impact, reproduction steps, and a proof of concept when available. Do not include those details in a public issue.
If GitHub Security Advisories are unavailable, open a public issue that asks for a private contact channel and contains no vulnerability details.