The following list describes whether a version is eligible or not for security updates.
| Version | Supported | EOL |
|---|---|---|
| 3.2.x | ✅ | - |
| 3.1.x | ✅ | 19-Dec-2025 |
| 3.0.x | ❌ | 30-Sep-2025 |
| 2.0.x | ❌ | 31-Dec-2023 |
| 1.2.x | ❌ | 30-Jun-2023 |
| 1.1.x | ❌ | 31-Dec-2021 |
| 1.0.x | ❌ | 31-Dec-2021 |
If you discover a security vulnerability, please report it privately via e-mail.
The process is as follows:
- Send me an e-mail describing the security issue.
- Within 24 hours, I will acknowledge your report and provide initial feedback (for example, whether it is indeed a vulnerability and its potential severity).
- Within 7 days, I will work on a fix and release an update.
- Once the update is available, I will publish a security advisory.
- 2025-10-03: Strengthened base32 decoding to use exact integer sizing and tightened writes to avoid potential over-allocation and to prevent out-of-bounds writes.