We fix security problems on the master branch. Downstream packagers are advised to cherry-pick those onto release versions. Currently, no point releases of already-released versions are made due to low development team head count.

Mail in to dontmind@sdf.org.