Upstream security advisory: http://www.bugzilla.org/security/2.18.5/
These are fixed in 2.22.1 which would be suitable for sid. There is no upstream fix for the 2.16 series, as used in sarge. I am looking at the upstream fix for the 2.18 series to see whether it is applicable or easily adaptable to 2.16. Ben. -- Ben Hutchings -- [EMAIL PROTECTED] shortened to [EMAIL PROTECTED] If you've signed my GPG key, please send a signature on and to the new uid. The world is coming to an end. Please log off.
signature.asc
Description: This is a digitally signed message part
