The Arcus team takes security issues in Arcus and our other projects seriously. We appreciate your efforts to responsibly disclose security related findings.
Please do not file an issue via the issue tracker, we'd prefer to avoid publishing security issue details until after we have a fix in place. This will aid in avoiding vulnerability exploitation in the wild.
We request that if you discover a security significant issue in our library that you report it via email to us at [email protected]. Please include the words "[ARCUS SECURITY]" in the subject line. Upon notification of a security issue we may request additional information.
The Arcus team will do our best alleviate the issue and inform the public as appropriate.