[cosmo-dev] Cosmo 0.10.1 security risk addressed on Hub?
Brian Moseley
bcm at osafoundation.org
Sat Dec 8 22:20:06 PST 2007
On Dec 8, 2007 9:05 PM, Mikeal Rogers <mikeal at osafoundation.org> wrote:
> If I remember correctly;
>
> Hub was patched for this issue as soon as a patch was available, Jared
> didn't wait for the product release to finish before securing hub from
> a public vulnerability just for the sake of getting a rubber stamped
> 0.10.1 version number.
>
> I don't think hub was rebuilt again because 0.10.1 only included this
> fix.
that's pretty confusing to your average user, who has no way of
knowing other than looking at the version string in the about box.
More information about the cosmo-dev
mailing list