It seems it is fixed in 3.0 but I know that version isn't stable.
EllisLab made this upgrade to fix the session cookie vulnerability discussed in your link. About 2.2.0:
CodeIgniter 2.2.0 has been released today, and is a security release for the 2.x branch. One of these changes is significant, so please be sure to read the version notes for upgrading from 2.1.4 to 2.2.0 to ensure your environment is ready for the update.