Comment 12 for bug 12635

Debian Package is still unfixed, fixed lesstif2 for Hoary now:

 lesstif1-1 (1:0.93.94-11ubuntu3) hoary; urgency=low
 .
   * SECURITY UDPATE: Fix multiple Xpm vulnerabilities.
   * lib/Xm-2.1/Xpm.c: Split into several files (as upstream did for easier
     patching), applied fixes pulled from new upstream version.
     References:
     - CAN-2004-0914
     - Ubuntu #6273
     - Debian #294099
   * lib/Xm-2.1/Xpmcreate.c, lib/Xm-2.1/Xpmscan.c: Applied patch from
     freedesktop.org to avoid integer overflows.
     References:
     - CAN-2005-0605
     - https://bugs.freedesktop.org/show_bug.cgi?id=1920
     - https://bugzilla.ubuntulinux.org/show_bug.cgi?id=721
   * lib/Xm/LTXpm.c: Backported CAN-2005-0605 patch to old lesstif1.
   * Added CAN numbers to changelog of 1:0.93.94-4ubuntu1.

This leaves the hard and useless, but required fix of lesstif1 for Warty.