I read about a new security vulnerability in WordPress:
I see that 2.0.3 has been released with a fix, but where is the annoucement about this security issue? I've looked on wordpress.org, the doc wiki, the forums, and can't find an official notification. I am subscribed (2 different email addresses) to the WP announcement mailing list, but I've never received any email from that list ( with NO server side spam filtering).
Did WordPress notify users? If so, can someone please point me in the direction of this notification?
Also, has a fix for v. 1.5.3-1beta been provided?