Debian Security Advisory DSA 1821-1 (amule)

Summary
The remote host is missing an update to amule announced via advisory DSA 1821-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201821-1
Insight
Sam Hocevar discovered that amule, a client for the eD2k and Kad networks, does not properly sanitise the filename, when using the preview function. This could lead to the injection of arbitrary commands passed to the video player. For the stable distribution (lenny), this problem has been fixed in version 2.2.1-1+lenny2. The oldstable distribution (etch) is not affected by this issue. For the testing distribution (squeeze) this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 2.2.5-1.1. We recommend that you upgrade your amule packages.