We release patches for security vulnerabilities. We release patches for the last two major versions.

Please report (suspected) security vulnerabilities to rob.gietema@gmail.com. You will receive a response from us within 48 hours. If the issue is confirmed, we will release a patch as soon as possible depending on complexity but historically within a few days.