Currently there are no released packages of the cva6-tools project. However, you are kindly encouraged to report any vulnerabilities observed on the current development tree.

The instructions for reporting such vulnerabilities are given below.

If you know of or suspect a vulnerability in this project, use any of the following channels:

• submit an issue report on Github
• contact the lead developer via email to contact@invia_dot_fr, mentioning the name of the repository and any of the words 'vulnerability', 'bug', or 'issue' in the subject of the email.

Your report will be handled as quickly as (reasonably) possible.