Only the latest non-prerelease version is supported.

To report a security vulnerability

You can also directly propose a GitHub security advisory on the Flit Security page of github:

https://github.com/pypa/flit/security

You can use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.

If you are a tidelift subscriber, this is the preferred path