The table below outlines which versions of the project currently receive security patches. Because this is an active native port development track, security updates are strictly focused on the current active branch.
| Version | Supported |
|---|---|
| master | ✅ |
| < master | ❌ |
If you discover a security vulnerability (such as a buffer overflow, memory leak, or crash exploit related to audio file parsing), do not open a public GitHub Issue. Public issues expose the exploit before it can be fixed.
Instead, please report vulnerabilities by using one of the following methods:
- GitHub Private Vulnerability Reporting: Go to the Security tab of this repository on GitHub, click on Vulnerability reporting on the left sidebar, and click Report a vulnerability. This keeps the details secure between you and the maintainer.
- Direct Contact: Alternatively, you can reach out via email to the address listed on my public GitHub profile.
- Response Time: You will receive an initial acknowledgment of your report within 48 to 72 hours.
- Resolution: If the vulnerability is accepted, a fix will be committed directly to the
masterbranch. Credit will be given to the reporter in the release notes or commit history if desired.
Thank you for helping keep this project secure!