Security announcements will be recorded in the CHANGELOG.

To report a security vulnerability, email agithub-security-vulnerability-report-2021@mozilla.com

The members of this security vulnerability report mailing list can be configured by Mozilla here.

agithub is an open source project and all support is community driven. As such there are no specific versions which are supported. The newest released version which should contain all security fixes can be found on the GitHub releases page