Marc G. Fournier wrote:
> In order to address a recent security report from iDefence, we have
> released 3 new "point" releases: 7.2.6, 7.3.8 and 7.4.6
Assuming you're referring to the make_oidjoins_check bug, I don't think
it is accurate to bill these as "security releases". As the 7.4.6
release notes plainly state:
---
# Avoid using temp files in /tmp in make_oidjoins_check
This has been reported as a security issue, though it's hardly worthy of
concern since there is no reason for non-developers to use this script
anyway.
---
That said, the fix for the clog bug is reason enough to make the point
releases, and reason enough for users to upgrade.
-Neil