The following LazyOwn versions currently receive support and security updates:

If you discover a security vulnerability in LazyOwn, please follow these steps to report it responsibly:

1. Do not publish it: Do not publish vulnerability details on public forums, repository issues, or social media.
2. Email us: Send an email to our security team at security@lazyown.com. Include the following information:
   • Detailed description of the vulnerability.
   • Steps to reproduce the issue.
   • Potential impact of the vulnerability.
   • Any other relevant information that may help us understand and fix the problem.

Once we receive your vulnerability report, we will follow these steps:

1. Acknowledgment: We will confirm receipt of your report within 2 business days.
2. Initial Assessment: We will assess the vulnerability to determine its impact and correction priority.
3. Solution Development: We will work on a fix for the vulnerability. We will keep you informed about progress.
4. Patch Release: We will release a patch to fix the vulnerability. You will be credited for the report unless you prefer to remain anonymous.
5. Disclosure: We will publish a security advisory detailing the vulnerability and the implemented solution.

LazyOwn is part of the GitHub Security Lab, where we collaborate with other open source projects to improve the security of our products. If you are interested in participating, visit GitHub Security Lab for more information.

For more information on coordinated vulnerability disclosure and repository security advisories on GitHub, consult the following resources:

• About coordinated disclosure of security vulnerabilities
• About repository security advisories

Thank you for helping keep LazyOwn safe and secure.