# Security Policy

This project follows the [Eclipse Vulnerability Reporting Policy](https://www.eclipse.org/security/policy.php).
Vulnerabilities are tracked by the Eclipse security team, in cooperation with the project lead.
Fixing vulnerabilities is taken care of by the project committers, with assistance and guidance of the security
team.

## Supported Versions

Eclipse Paho provides security updates for the most recent version only.

## Reporting a Vulnerability

We recommend that in case of suspected vulnerabilities you do not create a GitHub issue, but instead contact the
Eclipse Security Team directly sending an email to security@eclipse.org.