Some websites say this is fixed in 17.1, others say 17.1 is vulnerable. I have just confirmed 17.1 is vulnerable. -- Brian May <bam@debian.org>