We aim to support the latest released version of ollama4j and the most recent minor version prior to it. Older versions may receive fixes on a best-effort basis.
Please do not open public GitHub issues for security vulnerabilities.
Instead, email the maintainer at:
Include as much detail as possible:
- A clear description of the issue and impact
- Steps to reproduce or proof-of-concept
- Affected version(s) and environment
- Any suggested mitigations or patches
You should receive an acknowledgement within 72 hours. We will work with you to validate the issue, determine severity, and prepare a fix.
We follow a responsible disclosure process:
- Receive and validate report privately.
- Develop and test a fix.
- Coordinate a release that includes the fix.
- Publicly credit the reporter (if desired) in release notes.
Releases may be signed as part of our CI pipeline. If verification fails or you have concerns about release integrity, please contact us via the email above.