# Security Policy

This document describes how to report security issues in the oletools project.

## Supported Versions

The following table shows which versions of the oletools project are
currently being supported with security updates:

| Version  | Supported          |
| -------  | ------------------ |
| <0.60.x  | :x:                |
| >=0.60.x | :white_check_mark: |

## Reporting a Vulnerability

If you would like to report a vulnerability affecting the oletools project,
please send a first email to decalage at laposte dot net, without giving
technical details. You will then be provided with a GPG key to send
encrypted emails.

Alternatively you may also contact me via X/Twitter, Mastodon or BlueSky
using private messages (see https://linktr.ee/decalage).

Please note that oletools is a non-commercial open-source project maintained 
on my spare time. I will do my best to answer in due time and fix 
vulnerabilities.