Hi, http://security-tracker.debian.org/tracker/CVE-2010-1196 > Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code ... >icedove (PTS) >sid 3.0.6-1 vulnerable >experimental 3.1-1 vulnerable Those 2 version seems not to be vulnerable. -- Regards, Hideki Yamane henrich @ debian.or.jp/org http://wiki.debian.org/HidekiYamane