Actually, it would appear the version in Lucid isn't affected by this flaw. The vulnerability seems to originate from this debian-specific patch:
cfingerd (1.4.3-3) unstable; urgency=low * Applied IPv6 patch from Mats Erik Andersson <email address hidden> (closes: Bug#570024)
Actually, it would appear the version in Lucid isn't affected by this flaw. The vulnerability seems to originate from this debian-specific patch:
cfingerd (1.4.3-3) unstable; urgency=low
* Applied IPv6 patch from Mats Erik Andersson
<email address hidden> (closes: Bug#570024)