| Version | Supported |
|---|---|
| Latest release | Yes — full support |
| Previous minor release | Security fixes only |
| Older releases | Not supported — please upgrade |
Please report security vulnerabilities via GitHub's private vulnerability reporting:
- Go to the Security tab of this repository
- Click "Report a vulnerability"
- Provide details of the issue
Do NOT open a public issue for security vulnerabilities.
- Acknowledgment within 48 hours
- Assessment and fix target within 7 days for critical issues
- Coordinated disclosure after fix is released
This policy covers the CMTrace Open application, its build pipeline, and release artifacts distributed through GitHub Releases and Patch My PC.