Security fixes are provided in new releases and bugfix releases.
We do not backport security fixes to older releases.
(Yet, Linux distributions might backport security fixes for their packages.)
Please do not report vulnerabilities via GitHub issues.
If you have discovered a vulnerability, it is best to notify us about it via [email protected] in order to set up a meeting where we can discuss the next steps.