Dear Salvatore, Balint, Thanks for forwarding the CVE to us and verifying which versions of the package were affected.
I'll monitor the progress of this CVE. The CVE reporter offered some clues as to how to mitigate the problem, but I wonder how appropriate closure of this vulnerability can be verified. Any suggestions would be welcome. Best regards, Ghis
