This policy applies to all repositories under the Veltiq organization unless a repository defines its own.
Please do not open a public issue for security problems.
- Preferred: open a private GitHub Security Advisory on the affected repository (Security → Report a vulnerability).
- Or email support@veltiq.net with the details and steps to reproduce.
We aim to acknowledge reports within 3 business days and to provide a remediation timeline after triage. We'll credit you in the advisory once a fix ships, unless you prefer to remain anonymous.
Unless a repository states otherwise, only the latest released version receives security fixes.