As Mortar is currently "rolling-release" of sorts, there are not set "versions" to track security issues with. I hope to change this in the future, but will disclose any confirmed vulnerabilities with the most detail and remediation information possible.
| Version | Supported |
|---|---|
| git | ✔️ |
Good people responsibly disclose. If you find a security vulnerability in Mortar, I can be contacted through Keybase or Telegram (Find me in the group linked in the README). If these methods of contact do not work for you, please open an issue specifying a means by which I may reach you. I've no intention of depriving someone of a trophy 0-day discovery, but lets fix it first eh? ;P