Individuals or organisations that are experiencing a product security issue are strongly encouraged to contact the projects maintainers. We welcome reports from independent researchers, industry organisations, vendors, customers, and other sources concerned with our project security. The minimal data needed for reporting a security issue is a description of the potential vulnerability.