The issue is tracked by the security team as <URL: https://security-tracker.debian.org/tracker/CVE-2016-7550 >. I guess the easiest fix is to upgrade the unstable version from upstream, as the older versions of Debian are not affected and a quick search did not point me to a patch. -- Happy hacking Petter Reinholdtsen