http://security-tracker.debian.org/tracker/CVE-2012-0859 please mark this entry as fixed for 6:0.8.3-4 and 6:0.8.99-1537-gacb2c79-2. The fixes for 4:0.5.9-1 originate from those branches. -- regards, Reinhard