Only the latest minor release is supported with security patches.
Please report report vulnerabilities through GitHub Security Advisories. If for whatever reason you don't want to use GitHub, contact Jonathan via one of the methods mentioned on his web page.
When reporting, please include:
- A description of the vulnerability
- Steps to reproduce
- Information about the serial device being used
- Potential impact
- Any suggested fix
You should receive a response within 7 days acknowledging receipt. We will work with you to understand the issue and coordinate a fix and disclosure timeline.
We follow coordinated disclosure. We ask that you give us reasonable time to address the issue before public disclosure.