How are (security)vulnerabilities in the platform dealt with? It's interesting because looking through past release notes there are no comments on security issues explicitly having been addressed. Have none been found? If none have been found that would be surprising, or perhaps it implies that few pentaho installations in the "wild" have ever been subject to an explicit attack..