Comment 3 for bug 78476

Since you're using CVS instead of SVN or BZR, it's actually pretty difficult to extract your patches. :)

As you say, #7 is already applied in Ubuntu. From the looks of it, every other fix are NULL-deref fixes, which unless it can be demonstrated how a service can be DoS'd with this, they don't look like security issues to me.

If I've overlooked something, please let me know. For now, I'll turn off the security bit on this report.

Thanks again!