Are you referring to http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=173337 (more info in DSA 212) or something else?
Where did you get the information that said mysql was vulnerable? http://www.securityfocus.com/cgi-bin/sfonline/vulns.pl and some security scanners sometimes doesn't update their DB to say that special Debian version numbers are not affected. In fact it seems 6374 hasn't been updated. Can someone send an e-mail to [EMAIL PROTECTED] telling them which BIDs DSA 212 fixes? Drew Daniels
