Security fixes are applied to the latest version.

If you find a potential security issue, please report it using the private vulnerability reporting feature of GitHub to automatically inform all relevant team members. Otherwise, please get in touch with stefan6419846 through e-mail (current maintainer, address in GitHub profile).

Please have a look at our corresponding user documentation as well, which includes some information about possibly invalid reports.

Additionaly, our AI policy should be considered. Reported issues we are unable to reproduce due to an invalid or missing proof-of-concept might be closed directly.

We will try to find a fix in a timely manner and then issue a security advisory together with the update via GitHub, as well as requesting a CVE (example).

If you do not get a reaction within 30 days, please open a public issue on GitHub.