No version before 1.0.9 is vulnerable - they do not use libtool and ltdl. That leaves: testing/squeeze 1.0.9-2 unstable/sid 1.0.9-3
which are vulnerable. No etch or lenny releases are vulnerable. redland 1.0.9 upstream was built with libtool 2.2.6 so patching source file redland-1.0.9/libltdl/ltdl.c with the one from the 2.2.6b release should fix it. Dave -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
