Currently we support the whole project in all versions for security updates. From the first release on, we will run a forward strategy, so in the first time, we'll only support the latest version with security updates.

Please contact me directly, if you encounter a vulnerability: [email protected]

These are the steps, that follow your inquiry:

• Short answer, to inform you, that I noticed your message, and if your request will be handled.
• Checking out the vulnerability and it's severity.
• Fixing
• Writing documentation.
• Creating a bugfix branch (maybe in private, especially for critical security vulnerabilities).
• Merge into master.
• Creation of an update package.
• Creation of a fixed release.
• Information to you, that the vulnerability has been fixed.
• Information of the community/users.