sphobjinv development currently does not use any maintenance branches, so any security fixes will be released inline with the primary development branch.

To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure, including any updates on progress toward a fix on a vulnerability and on accept/decline status of the vulnerability report.