Thilo Wawrzik has been a great committer/user/reviewer from Captcha/Textimage modules for almost a year.
Today I was replying his issue about Captcha v2 then I figured out that I hadn't documented/explained to my users why the hell I did change the Captcha API.

Early this year, some security flaws was discovered in Captcha and Textimage, it's was a quite simple bug related with an trim() that was used to verify if the form was submitted. Note that captcha 4.6, captcha 4.7 and captcha 5.1 are basically the same module.

Yesterday we released a new version of Textimage and Captcha modules, those release fix some security bypass, everyone use any version of those module MUST upgrade.

If you have doubts about how to proceed, contact me and I help you. ;)

Thanks Heine Deelstra and the folks from Drupal Security team for the great work.

Below the security releases:

Textimage - response validation bypass
Captcha - response validation bypass