Am Montag, den 23.04.2007, 16:31 +0200 schrieb Axel Beckert: > don't know if just just oversaw it or if it's a time problem, but > mysql-server-5.0 in Sarge BPO (5.0.32-7~bpo.1) is vulnerable to > CVE-2007-1420[1] (database crash DoS via subselects), while the > version in Etch is fixed (5.0.32-7etch1) since 22-Mar-2007[2]. I'll upload a fix tomorrow. Norbert