# Security Policy

## Supported Versions

Fixes to vulnerabilities result in the project issuing
a new release with the fixes. We do not
patch and release an updated version of a previous
release. We will fix any vulnerability from any release
if and only if the vulnerability still exists in the latest
release.

| Version | Supported          |
| ------- | ------------------ |
| 0.9.1   | :white_check_mark: |
| < 0.9.1 | :white_check_mark: |

## Reporting a Vulnerability

One way to report is to add a Issue on the issues page for
the project.
Another is to email to libdwarf at linuxmail dot org

Normally we respond to a report within one day and provide
fixes within a day or two.  We can provide the new version
of the affected source file as a diff or a copy of the
fixed source file(s) when that seems appropriate.