> vulnerabilities (such as authorization bypass) by private email to the
> maintainers, so that they are not visible to the general public
> until we have had a chance to fix the bug. --[[smcv]]
+
+> Fixed by using
+> `git revert --strategy=recursive --strategy-option=no-renames`.
+> I tried to do something more clever (doing the revert, and checking
+> whether it made changes that aren't allowed) but couldn't get it to
+> work in a reasonable time, so I'm going with the simpler fix.
+> [[Fix committed|done]], a release will follow later today. --[[smcv]]