Joshua Hutchins <jdhutchin@ugcs.caltech.edu> writes: > Does this problem affect the version in testing/unstable > (1.6.dfsg.3~beta1-3)? The original advisory from MIT mentions version > 1.6.3 and earlier are vulnerable, so I assume that the versions in > lenny/sid are? Yes. 1.6.dfsg.3~beta1-4 was uploaded about an hour and a half ago. -- Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>