It turns out this bug is very complicated to backport, and that the upstream fix, made between major releases, introduces API and ABI changes. I'm in discussions with the security team about what to do. My suggestion is that we should not attempt to fix this. If the security and release teams agree, I'll post my analysis to this bug report before closing it.

