More information on this bug can be found at: http://sourceforge.net/tracker/index.php?func=detail&aid=1612792&group_id=39518&atid=425439
I imagine a simple 1 line patch can eliminate this vulnerability, at least until the upstream releases an offical fix. tim -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]