Note that 0.88.1 fixes this.
*** This bug has been marked as a duplicate of 188881 ***
Reopening, not a duplicate, note the different CVE number, 0.88.1 closes 3
seperate security holes!
I have entered 3 bugzilla bugs for this so people can search for CVE and find
the appropiate bug for all 3 CVE's . This is sorta kinda security SIG policy and
will hopefully become more definite security SIG policy soon.