A little background. Before we issue errata, we have to decide whether
we should. That's usually pretty simple, but sometimes a bug looks
exploitable when it isn't, or is exploitable when it looks benign.
Clearly issuing zero errata isn't a workable solution, so we could issue
errata for
The process which came to the conclusion below took about 15-20 hours
of accumulated developer time over the weekend. I'm almost running
out of fingers counting developers.
I wish we had the resources so that we could dedicate people to this
in a more serious way. At least if we could dedicate
