OpenSC releases are made roughly once a year, unless important security is discovered.
OpenSC does not release micro updates for previously released versions and does not backport security fixes into them. Only the last release is supported.
| Version | Supported |
|---|---|
| 0.25.1 | ✅ |
| < 0.25.1 | ❌ |
If you discovered security vulnerability in supported version of OpenSC, you can either report it with a button "Report a vulnerability" in Security tab (Do not create normal public issue with security relevant information!) or you can send email to any recently active project developers frankmorgner(at)gmail.com, deengert(at)gmail.com and/or jakuje(at)gmail.com .
You can expect update on the issue no later than in two weeks.