Comment 3 for bug 164007

Upstream is using this patch http://sourceforge.net/tracker/download.php?group_id=12694&atid=112694&file_id=228217&aid=1712988 for fixing this CVE.
I talked to Pitti about the introduction of two new configuration settings, which is done in this patch.

He agreed with me, that's the best way to go...the logic of the fix is sane and reproducable...so I think we can live with this patch....

Will work tomorrow morning on the other releases...and provide debdiffs...stay tuned :)

\sh