So why does CVE-2013-2074 [3] show sid as vulnerable? [1] https://bugs.kde.org/show_bug.cgi?id=319428 [2] http://sources.debian.net/src/kde4libs/4:4.10.5-1/kioslave/http/http.cpp [3] https://security-tracker.debian.org/tracker/CVE-2013-2074