On Sun, 3 May 2009 15:30:28 -0400 Michael S. Gilbert wrote: > oftentimes, you can't trust version numbers as stated in the CVE > itself. you have to check the code. upon further checking, it appears that this was definately fixed in 1.0. i will contact the security team to determine guidance.