Hi, I'm getting this change but can't see a DSA for it: freetype (2.4.2-2.1+squeeze4) stable-security; urgency=low * CVE-2012-11[33|34|36|42|44] -- Moritz Muehlenhoff <jmm@debian.org> Wed, 07 Mar 2012 17:46:07 +0100 Is this legit? I guess so, but want to make sure. :) Cheers Wolfgang