Security updates are applied only to the latest release.
If you have discovered a security vulnerability in this project, please report it privately. Do not disclose it as a public issue. This gives us time to work with you to fix the issue before public exposure, reducing the chance that the exploit will be used before a patch is released.
Please disclose your issue through Github's security advisory facility.
We will endeavor to prioritize review, remediation and disclosure of vulnerabilites. However, be mindful that this project is maintained by a team of volunteers who work on a best effort basis.