Security updates are provided by releasing a new version of Ibis.
- Privately send security reports to the security team Emails sent to this address are sent to a private Zulip channel where only members of the Ibis security team can see them.
- Vulnerability reports are published on GitHub at https://github.com/ibis-project/ibis/security/advisories
- If a vulnerability is accepted we will attempt to address it as soon as possible, by cutting a new release.