Currently, security updates are provided for the following versions of LIT for Voice:

We take the security of LIT for Voice seriously. If you believe you've found a security vulnerability, please follow these steps:

1. Do Not Disclose Publicly: Please do not disclose the vulnerability publicly until it has been addressed.

2. Contact Information: Email your findings to the project maintainers at [INSERT SECURITY EMAIL]. If you don't receive a response within 48 hours, please follow up.

3. Provide Details: In your report, please include:

   • A description of the vulnerability
   • Steps to reproduce the issue
   • Potential impact of the vulnerability
   • Any potential solutions you've identified (optional)

4. Response Time: You can expect an initial response to your report within 48 hours, acknowledging receipt of your vulnerability report.

5. Disclosure Timeline:

   • We will work with you to understand and validate the vulnerability.
   • Once validated, we aim to release a patch within 14 days, depending on complexity.
   • After the patch is released, we will publicly acknowledge your contribution (if desired).

When deploying LIT for Voice, consider the following security best practices:

1. Environment Security: Ensure your deployment environment follows security best practices, including:

   • Using HTTPS for all communications
   • Setting up proper authentication for APIs
   • Restricting access to sensitive endpoints

2. Dependencies: Keep all dependencies updated to their latest secure versions.

3. Data Protection: Be mindful of the audio data being processed. Ensure you have appropriate consent and follow data protection regulations.

4. API Access: When exposing API endpoints, implement proper authentication and rate limiting.

Thank you for helping to keep LIT for Voice secure!