# Security Policy

## Supported Versions

Security updates are offered for the **3 most recent** minor CKAN releases. They are included in patch releases, but not acknowledged in the release announcement or [CHANGELOG.rst](CHANGELOG.rst), hence the advice to always run the latest patch releases.

For more about CKAN releases see: http://docs.ckan.org/en/latest/maintaining/upgrading/index.html#ckan-releases

## Reporting a Vulnerability

If you find a potential security vulnerability please email security@ckan.org, rather than creating a public issue on GitHub.