As mentioned here: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6302So I think it would be worth getting the current etch version into sarge-backports?
Thanks to all of you who work on backports.org, it really is an invaluable resource to so many of us.
Cheers, Stu.