Hello Salvatore, thanks for reporting this. I've been following the discussions around this during the day and I did notice there were multiple commits related to it indeed.
My take so far is that we should wait a bit before releasing the fix on unstable, as there might be regressions in the fix itself. There isn't even a proper release with the fix yet (only v3.2.5pre1). After confirming that there's no regressions in 3.2.5, then we can consider backporting it [0]. [0] That is, of course, just a suggestion, if someone from the Security team is willing to do all the investigative work to look out for regressions earlier, they're free to go ahead. Thanks, -- Samuel Henrique <samueloph>
