On Tue, Jan 24, 2012 at 03:32:29PM +0000, Nicholas Bamber wrote: > Second attempt at preparing a fix for this issue. > > By the way CVE-2011-5055, as far as I can see, only applies to the > experimental release. That will be fixed when upstream issue a new > upstream 2.x release. Could the security page be updated to reflect that. I've updated the Security Tracker. Cheers, Moritz