Security Policy

Supported Versions

< 9.1:x:

Reporting a Vulnerability

If you think you have found a possible vulnerability please reach out to the private project mailing list or the Apache Security list

Please DO NOT create a GitHub issue or email the project dev list as they are public. This project follows the Apache Vulnerability Handling Policy documented here.