On 12 Jun 2002, Michael Natterer wrote:

> David Fries <[EMAIL PROTECTED]> writes:
> Yes, the plug-ins are simply forked and thus have the same uid.
> The patch looks like the right thing to do to me. If nobody objects
> for some reason, it will be applied to both the stable and unstable
> trees.
> thanks for spotting this,
> --mitch

You should put a big notice that there is a security fix in the NEWS file
for the versions released.  Perhaps an annoncement to BugTrax would be in
order, as well.

I wonder if anyone in the dark ages is still using gimp 1.0 -- I'm sure it
has the same flaw.


Gimp-developer mailing list

Reply via email to