Debian Security Advisory DSA 1114-1 (hashcash)

Summary
The remote host is missing an update to hashcash announced via advisory DSA 1114-1. Andreas Seltenreich discovered a buffer overflow in hashcash, a postage payment scheme for email that is based on hash calculations, which could allow attackers to execute arbitrary code via specially crafted entries.
Solution
For the stable distribution (sarge) this problem has been fixed in version 1.17-1sarge1. For the unstable distribution (sid) this problem has been fixed in version 1.21-1. We recommend that you upgrade your hashcash package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201114-1