Replicated will support every other minor version release of Kubernetes (i.e. 1.11, 1.13, 1.15). We generally aim to add support for new versions within 30 days of the upstream Kubernetes release.
For security vulnerabilities, we aim to deliver a patched version of Replicated as soon as possible. In the past, we have released Critical fixes within a few hours of announcement (e.g. CVE-2018-1002105 and CVE-2019-5736 were both patched the same day)
See also Replicated Platform CVE Policy