We actively provide security updates for the following versions of LLGL:
| Version | Supported |
|---|---|
| 0.05 | ✅ |
| < 0.05 | ❌ |
Please do not open a public GitHub issue for security vulnerabilities.
If you discover a potential security flaw (e.g., buffer overflows in the Vulkan/D3D12 backends, memory leaks that could lead to DoS, or shader injection risks), please report it follows:
- Email: Send a detailed report to
llgl-security@lhermanns.me. - Details: Include a proof-of-concept (PoC), the specific backend used (OpenGL, Metal, etc.), and the operating system.
- Response: You can expect an acknowledgment within 48 hours.
Thank you for helping keep LLGL secure!