You can find information on how to report a potential security vulnerability, as well as where to subscribe to receive security alerts, on the project's Security Page.