[...]
there were several security-related fixes in the collector (and the collector-mailing-list) in the last days. Normaly security-related stuff is not visible for the public... and this seems to be good to avoid exploits etc.
At least for the resolved issues the fixed are public available from the CVS (maybe even together with log messages). Sufficiently skilled people thus can reconstruct the security issues from the changes; I feel there is no point for hiding them any longer. On the other hand admins may be less pressed to upgrade if they look at the current available list of fixes and find none which hurts them in their setup ... for example I do not have untrusted users able to write malicious Python Scripts on my site (I guess ;-), and I do not use DTML or some Tree-stuff -- thus I did not upgrade yet, and You may feel free to blow my site with one of the not yet published issues. my 2 cents, Clemens btw: it does not look like either zope.org nor zope.com has been upgraded yet? The find-support still looks quite public ...