# Security Policy

We aim to keep TimescaleDB safe for everyone.

Publicly disclosing security bugs in a public forum can put everyone in the
Timescale community at risk,
however. Therefore, we ask that people follow the below instructions to report
security vulnerability.
The entire Timescale community thanks you!

## Supported Versions

The supported version is always the latest major release available in our
repository.
We also release regular minor versions with fixes and corrections alongside some
new features as well as patchfix releases, that you should keep upgrading to.
Vulnerability fixes are made available as part of these patchfix releases and you
can read our list of [Security
Advisories](https://github.com/timescale/timescaledb/security/advisories?
state=published).

You can also take a look at our [Support

Policy](https://www.timescale.com/legal/support-policy).

## Reporting a Vulnerability

If you find a vulnerability in our software, please email the Timescale Security
Team at [email protected].

Please note that the e-mail address should only be used for reporting undisclosed
security vulnerabilities in Timescale products and services.
Regular bug reports should be submitted as GitHub issues, while other _questions_
around security,
compliance, or functionality can be made either through our support (for customers)
or
community channels (e.g., [Timescale Slack](https://slack.timescale.com/), [Forums]
(https://www.timescale.com/forums), etc.)