Only the latest minor release receives security patches.

Do not open a public issue.

Email [email protected] with:

1. Description of the vulnerability
2. Steps to reproduce
3. Impact assessment
4. (Optional) Suggested fix

We will acknowledge receipt within 48 hours and aim to release a patch within 7 days of confirmation.