The latest minor version is always supported. Depending on the severity of a vulnerability, older minor versions may also be patched.

Please report vulnerabilities to nazar@vinnich.uk. If you want to use a channel that is more secure than email, express this intention through email without disclosing the vulnerability, and we will setup an alternative communication channel, e.g., Signal.

You will be credited for the vulnerability at https://klunok.org if you give permission. Also, a modest (two-figure) bounty may be offered.