The current "head" version ("master" branch) undergoes some automatic tests, but may have defects and vulnerabilities. All development branches may be in an intermediate, untested state.

For released versions, additional tests are performed, including manual tests, static source code analysis and fuzz testing.

Defects will be fixed in the current head version. Selected, critical defects are fixed in the latest release as well.

Please send vulnerability reports by email to bel2125 at gmail com. Vulnerability with low severity can be sent directly by email.

For high severity vulnerabilities, you can get an individual gpg key to encrypt your detailed description of vulnerabilities you want to report.

If you do not get any response within on week, your email might have been lost (e.g., deleted as false positive by a spam filter). In this case, please open a GitHub issue.