Debian Security Advisory DSA 040-1 (slrn)

Summary
The remote host is missing an update to slrn announced via advisory DSA 040-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20040-1
Insight
Bill Nottingham reported a problem in the wrapping/unwrapping functions of the slrn newsreader. A long header in a message might overflow a buffer and which could result into executing arbitraty code encoded in the message. The default configuration does not have wrapping enable, but it can easily be enabled either by changing the configuration or pressing W while viewing a message. This has been fixed in version 0.9.6.2-9potato1 and we recommand that you upgrade your slrn package immediately.