Security fixes are primarily applied to the latest code in main and the latest public release.
Older versions may not receive security updates.
If you discover a security vulnerability, please report it privately:
- Email: hello@echotube.fun
Please include:
- a clear description of the issue
- impact assessment
- reproduction steps or proof of concept
- affected version/commit
Do not open a public issue for sensitive vulnerabilities.
When a valid report is received, maintainers will:
- acknowledge receipt
- investigate and validate impact
- prepare and test a fix
- publish a patch and advisory as appropriate
Response times can vary by complexity and maintainer availability.