On Thu, 2003-03-13 at 10:26, Toby Dickenson wrote:
I suspect most people with checkin privelidges dont know about this problem, because it wont have been sent to the public mailman list.
True. I really don't know which set of committers gets the "security-related" emails from that collector. I do, somehow. Other folks at ZC do as well. If something really bad comes up, someone typically sounds the alarm and we put out a hotfix ASAP. I think this particular problem occurs in a sufficiently narrow set of circumstances that we didn't go into helmet fire mode on it (e.g. I think the consensus is it should be fixed in an upcoming release, but it doesn't require a hotfix). That said, this is a guess (and a judgement call), I haven't discussed it with anyone else. - C