Please report (suspected) security vulnerabilities to [email protected]. I will try to respond within 48 hours.
If the issue is confirmed, I will try to release a patch as soon as possible depending on complexity.
For security enhancements (not vulnerabilities), you may use the Git Issue Tracker.