As long as the project is in its alpha or beta phase, security updates are provided with a new release only. That means patches for older releases will not be provided. This policy will be updated as soon as the project is considered to have evolved to beta.

Please report (suspected) security vulnerabilities by making use of Security Advisories. Do not use GitHub issues for that. You will receive a response 48 hours. If the issue is confirmed, a new release addressing the reported vulnerability will be done as soon as possible (depending on complexity).