I created a security vulnerabilities chapter in our documentation. Please review to see if I forgot anything. Thanks, Bill -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com