On Mon, 7 Mar 2005, Eric Sandall wrote:

> I apologize for the wording in our SECURITY file and would like you to know
> that as soon as we found other information (yesterday when a new release was
> made by the curl team) the SECURITY file was removed.

Apology accepted. There's no harm done. I appreciate your quick response and
actions. Thanks.

<rant>

I just hope you guys learn something from this: the security guys, sites and
companies are not one bit more trustworthy than anyone else in this game. Just
assuming they are right in what they say is not a good idea. And more sites
and poeple that repeat the first report over and over don't make it more true
either.

I understand the constant flood of security alerts makes it hard to get
everything checked and correct without a serious effort. Just don't forget
that by not verifying claims, you are doomed to repeat this mistake in the
future. The least you should do is to not judge people or projects based on
accusations made by others.

</rant>

Ok, now I'll go do something useful instead. ;-)

-- 
      Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
       Dedicated custom curl help for hire: http://haxx.se/curl.html