Notice that, while there are multiple versions of Janus, they're simply tagged versions of the master Janus branch. As such, once they're tagged as versions, they won't receive security updates. The only way to get security updates that are published after a specific version is to either use a more recent tagged version (if it includes the security fix) or refer to the master branch instead (which is where active development focuses on). Refer to the CHANGELOG.md file for information of what each version adds, including security related fixes.

In case you find a vulnerability you think we should be aware of, please use the contact form on the Meetecho website, using the "Not sure/Other" service type in the dropdown menu. We take vulnerability reports very seriously, and so we tend to prioritize the evaulation of such reports and, in case a fix is indeed warranted, the development of a fix.