Please do not publish security vulnerabilities publicly until we've had a chance to address them. All security related issues/patches should be sent directly to [email protected] where we will attempt to address them quickly. If you're unsure whether something is a security issue or not, then please be cautious and contact us at [email protected] first.