I disagree with the release manager's assessment of the situation, clearly. And `unless someone proves otherwise' is not a very good way of deciding. Are things only considered security bugs nowadays if someone has produced an exploit ? The right approach is to consider something a security bug unless it can be shown that it isn't.
But I'm afraid I don't have the time right now to fight this battle. Ian. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
