Until a stable release is created, security patches will be applied on an ad-hoc basis.

Create an issue here using the "Report a security vulnerability" option - this ensures the report is easier to read and more likely to be accepted.

We will be trying to remediate all security issues, but if required we can change crates used to avoid insecure packages. Any vulnerability report will be seriously considered and it's extremely unlikely they will be rejected.