We do our best to make sure our software is free of security vulnerabilities. Reality though is that it's not always the case. That is why we are very much eager and grateful to hear about any issues you find. Please report these directly to our issue tracker (setting issue type to 'Security Problem') or via email. You can find our PGP key on most public key servers.
In addition to the release notes for our products, we also provide you with a Security Bulletin that you can subscribe to, in order to obtain latest information about Security Issues that may concern our products and services.