Publicly disclosing security bugs in a public forum can put everyone at risk. Therefore, we ask that people follow the below instructions to report security vulnerability.

The supported version is always the latest major release available in our repository. We also release regular minor versions with fixes and corrections alongside some new features as well as patchfix releases, that you should keep upgrading to. Vulnerability fixes are made available as part of these patchfix releases and you can read our list of Security Advisories.

If you find a vulnerability in our software, please email the Timescale Security Team at security@timescale.com.

Please note that the e-mail address should only be used for reporting undisclosed security vulnerabilities in pgspot. Regular bug reports should be submitted as GitHub issues.