Doubtless yours is one of the first, but I believe that this one not only came earlier, but appears to deal with the same or a similar flaw (it's hard to say as you wisely didn't detail your flaw publicly at the time). There are a few even earlier security hole announcements, but you're up there with the pioneers to be sure!

--
I'd like to be able to assign to an luser