Thanks Matthew! Other than making sure the Affects header is sorted in a chronologically increasing order, that impact description looks great. We should be able to proceed with privately requesting a CVE assignment from MITRE, and assuming Kristi/Lance/someone is prepared to attach backports of the patch from comment #17 for each of our supported stable branches we can probably start discussing a disclosure schedule for this one.
Thanks Matthew! Other than making sure the Affects header is sorted in a chronologically increasing order, that impact description looks great. We should be able to proceed with privately requesting a CVE assignment from MITRE, and assuming Kristi/ Lance/someone is prepared to attach backports of the patch from comment #17 for each of our supported stable branches we can probably start discussing a disclosure schedule for this one.