Given version scheme X.Y.Z.P, Mongoid Ultra will release gem security patches all minor versions Y of the most recently released two major versions X. For example, if the current Mongoid Ultra version is 10.1.2.15, we will release 5 new gems versions for 10.1, 10.0, 9.2, 9.1, 9.0 (assuming those are the already released major/minor versions.)
Note the first Mongoid Ultra release is 9.0.0.0.
Security issues affecting both upstream and Mongoid Ultra should be reported to MongoDB.
Security issues affecting only Mongoid Ultra should be reported to security@tablecheck.com. The email should be encrypted with the following PGP public key:
- Key ID:
0xDF7D22A0E8772326 - Fingerprint:
466C 56B9 E110 3CBA 2129 DBAD DF7D 22A0 E877 2326
We appreciate your help to disclose security issues responsibly.