@punk https://www.debian.org/security/2017/dsa-3867 @foo For the stable distribution (jessie), this problem has been fixed in version 1.8.10p3-1+deb8u4.