The change required for addressing this security issue might be isolated to a change between 3.0.0 and 3.0.1. I am going to see if that change can be backported to our 2.7.2 and if it does fully address the security issue. My initial impression from reading the upstream changelog is that perhaps other changes in other upstream releases were also relevant.
The change required for addressing this security issue might be isolated to a change between 3.0.0 and 3.0.1. I am going to see if that change can be backported to our 2.7.2 and if it does fully address the security issue. My initial impression from reading the upstream changelog is that perhaps other changes in other upstream releases were also relevant.