We are happy if you report bugs (although we are not happy that there are any). But if the bugs have security-implications please report them via mail bugs-rspl@shtsoft.eu and do NOT use the public GitHub Issue tracker in this case to give us some time for fixes. Otherwise the public GitHub Issue tracker is preferred.

Once a patch is deployed the corresponding vulnerabilities are reported to the RustSec by the maintainers.