Only the current release, the latest tag, and the current stable Tor version (e.g., 0.4.8.11) are supported. See README.md for a list of currently supported tags. All other tags will not receive updates.

If you've found a vulnerability in Tor, please send an email to security at torproject.org. See How to report a bug or give feedback for details.

If you've found a vulnerability in this docker image, please mail svengo at svengo.de.

Report vulnerabilities in third-party modules to the person or team maintaining the module.

The issue will be published as a security advisory.

I will update the supported tags as soon as a new Tor or Alpine release is available. Please give me three days to perform and test the update. I will also periodically rebuild the image to include updated Alpine packages with important security fixes.

The following automated tools are used to keep track of updated packages and known security problems:

• Dependabot: Automated dependency updates built into GitHub.
• Grype: A vulnerability scanner for container images and filesystems.
• Codacy Security Scan: Code quality scanner.