# Security Policy

## Supported Versions

Security updates are applied only to the latest release.

## Reporting a Vulnerability

If you have discovered a security vulnerability in this project, please
report it privately. **Do not disclose it as a public issue.** This gives
us time to work with you to fix the issue before public exposure, reducing
the chance that the exploit will be used before a patch is released.

Please disclose your issue through Github's
[security advisory facility](https://github.com/kjd/idna/security/advisories/new).

We will endeavor to prioritize review, remediation and disclosure of
vulnerabilites. However, be mindful that this project is maintained by a
team of volunteers who work on a best effort basis.