If you discover a security vulnerability in gbash, please report it through GitHub's private vulnerability reporting.

Do not open a public issue for security vulnerabilities.

Please include:

• A description of the vulnerability
• Steps to reproduce the issue
• Any relevant logs or output
• The version of gbash affected

You should receive an initial response within 72 hours. Once the issue is confirmed, a fix will be developed and released as soon as practical, with credit to the reporter unless they prefer to remain anonymous.

Security fixes are applied to the latest release only.