The components of this system do never collect or store any personal data.

They however exchange data you provide with the Mumble server you connect to, as well as other mumble clients, so be sure to never supply personal data like real names etc. Also never enter passwords or something like that into one of the systems components; it's all password free.

The data exchanged locally (like FGFS or RadioGui to the plugin) is in plaintext, but the data the plugin sends to the Mumble server is encrypted using mumbles own facilities; however bear in mind that the server itself as well as other mumble clients can see the data in plaintext.

The project will maintain the latest stable release. Security patches are usually included in the next ordinary release.
Fixing security bugs has priority over other issues, so we try to fix them as soon as possible.

If you find a vulnerability, please report it as issue on the tracker, using the prefix Security: so attention is rised.
If the issue is of higher danger, you should consider "responsible disclosure" (send the report privately to the project first).

Please describe the issue as detailed as possible. If possible, it would be cool if you could provide a patch when reporting.