# pygeoapi Security Policy

## Reporting

Security/vulnerability reports **should not** be submitted through GitHub issues or public discussions, but instead please send your report 
to **geopython-security nospam @ lists.osgeo.org** (remove the blanks and 'nospam').  

Please follow the [contributor guidelines](https://github.com/geopython/pygeoapi/blob/master/CONTRIBUTING.md) when submitting a vulnerability report.

## Supported Versions

The pygeoapi Project Steering Committee (PSC) will release patches for security vulnerabilities for the following versions:

| Version | Supported          |
| ------- | ------------------ |
| 0.10.x  | :white_check_mark: |
| < 0.10  | :x:                |