Latest major/minor version is supported only for security updates.
To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.