According to debsecan on one of my Lenny boxes, CVE-2009-4411 can be fixed by upgrading:
*** Available security updates CVE-2009-4411 The (1) setfacl and (2) getfacl commands in XFS acl... <http://security-tracker.debian.net/tracker/CVE-2009-4411> - libacl1 (low urgency) But when I try to upgrade the Lenny machine, there is no update available. Is the hole incorrectly classified? Happy hacking, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2fl4obltxtx....@login1.uio.no