D. J. Bernstein wrote: > You're shipping cftp 0.12, which has been known for more than a year to > be remotely exploitable. I think the vulnerability you are talking about has been fixed 17 months ago, increasing the incriminated buffer size. BTW, what does it mean "several new packages will be made available Real Soon Now"? When?! :-) -- Alex Dupre