We are currently providing all versions in development x.y.z-dev
with security patches. Old versions x.y.z-old
are not provided with
security patches.
Use the button in the link below to report an security issue. A list of published security issues can also be found there.
The security issue will be reported private to a collaborator who will check the report for formality. If the report passes these formalities the report will run through an escalation process until all needed collaborators are involved.
Then this issue will be fixed confidential by the involved collaborators.
If fixing the needed parts in the software are done, a decision will be made if this issue will be either
- published with CVE, published without CVE or kept private.