Folks, is it normal behavior for systems having woody-proposed-updates among apt sources NOT to have a mysql update for the recently announced mysql server vuln. ? Proposed updates has mysql version 3.23.51-1woody5, the security advisory (DSA 381-1) says 3.23.49-8.5 Now what ? Is 3.23.51 not vulnerable, thus no update required, OR that version has not (yet) been patched ? ( :S ) .SiCk of IT.