Please see my comment about CVE-2012-3406 in bug#681888. I don't think we want to fix a security issue by another one. -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurelien@aurel32.net http://www.aurel32.net