Security updates are provided for a new release only. That means patches for older releases will not be provided.
Please report (suspected) security vulnerabilities by making use of Security Advisories.
Please do not use GitHub Issues for that!
We try to give a response within 48 hours. If the issue is confirmed, a new release addressing the reported vulnerability will be done as soon as possible (depending on complexity).