To report a security issue, please open a draft security advisory.
Security issues are handled with top priority. Once acknowledged, a fix should be available and new version released as soon as possible. Security advisories will be made public after a fix and new version have been released, or the advisory has been declined.
Only the last published version and the last development version (last commit) are supported.