On Friday 27 January 2012, georg@riseup.net wrote: > I guess it's a false positive. I took two CVEs out of your list, and > checked the debian security tracker. You can read more about this situations here http://www.debian.org/doc/manuals/securing-debian-howto/ch12.en.html#s- vulnasses-false-positive (sorry, no spanish version yet of the manual yet). Cheers, luciano