Posted by lists on Dec 30

Hi Stefan and all,

While we finally did get CVE-2000-0854 the overdue attention, we apparently
didn’t promote this enough:
http://blog.acrossecurity.com/2012/02/downloads-folder-binary-planting.html
(presented at Source Boston in 2012). So now you’ll have to do it – good
luck 🙂

BTW, Stefan, soon you’ll be able to create your own patches for these, and
many other bugs, with http://0patch.com. You’re welcome.

Cheers,
Mitja…