Fnlla repositories follow documented support windows per release line. When a repository provides its own support matrix, that repository-specific policy takes precedence over this default.
Please do not open public issues for security vulnerabilities.
Report security issues privately via:
- Email:
security@fnlla.co.uk - Include repository, affected versions, impact, and reproduction steps
- Initial acknowledgement: within 2 business days
- Triage update: within 5 business days
- Remediation timeline: provided after triage based on severity
Detailed severity-based targets are documented in SECURITY_RESPONSE_SLA.md.
Fnlla follows coordinated disclosure. We will credit reporters when appropriate and when consent is provided.