This project does not maintain multiple supported release branches.

Security fixes are applied only to the current master branch. Releases are created directly from master.

Older releases are not maintained and do not receive security updates. Users are encouraged to update to the latest release.

If you discover a security vulnerability in this repository, please report it privately and do not open a public GitHub issue.

• Email: security@supla.org
• Include as much detail as possible:
  • affected component or file
  • steps to reproduce
  • potential impact
  • any proof of concept (if available)

After receiving a report:

1. We will acknowledge the report.
2. We will investigate and assess the impact.
3. If confirmed, we will work on a fix.
4. We may publish a security advisory after a fix is available.

Please allow reasonable time for us to investigate before any public disclosure.