Each release is supported until there are two newer releases. For example, v1.3 was supported until the release of v1.5, and v1.4 was supported until the release of v1.6. Fixing critical problems in supported releases is done by issuing patch revisions (for example, v1.3.1, v1.3.2, and so on).

To report a security issue, please email [email protected] with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue.

We will respond within 7 working days of your email, and let you know if the issue is confirmed as a vulnerability and how it is going to be handled.