Security

OpenSSH 4.x hashed known_hosts key management

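Anyone who uses OpenSSH knows that ssh records the public key of every machine you have connected to in ~/.ssh/known_hosts. The next time you connect to the same machine, OpenSSH checks the public key. If the key is different, OpenSSH issues a warning, which protects you from attacks such as DNS hijacking.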

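However, the contents of known_hosts are simply stored as plain text. If your account is successfully compromised, the intruder can read the list of machines you have visited directly from known_hosts. To reduce the chance of this happening, OpenSSH 4.0p1 introduced the Hash Known Hosts feature, which stores the names or IP addresses of the machines you have visited in known_hosts in hashed form, so that an intruder cannot directly learn which machines you have visited. This new feature is off by default; you have to add "HashKnownHosts yes" to ssh_config by hand to turn it on. Debian Testing, however, enables it by default.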
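
How a hashed entry is built and looked up, as an added example (not code from the original post or from OpenSSH): each hashed host field has the form |1|salt|HMAC-SHA1(salt, hostname), with both parts base64-encoded. The function names and the sample file are made up for illustration, and plain-text matching is simplified to exact names.

```python
import base64, hashlib, hmac, os

MAGIC = "|1|"  # prefix OpenSSH writes in front of a hashed host field

def hash_host(host, salt=None):
    """Build a hashed field: |1|b64(salt)|b64(HMAC-SHA1(key=salt, msg=host))."""
    salt = os.urandom(20) if salt is None else salt
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return MAGIC + base64.b64encode(salt).decode() + "|" + base64.b64encode(mac).decode()

def field_matches(field, host):
    """True if one host field (hashed or plain text) names this host."""
    if not field.startswith(MAGIC):
        return host in field.split(",")  # simplification: exact names, no patterns
    try:
        salt_b64, mac_b64 = field[len(MAGIC):].split("|")
        salt = base64.b64decode(salt_b64, validate=True)
        want = base64.b64decode(mac_b64, validate=True)
    except ValueError:  # malformed field: wrong part count or bad base64
        return False
    got = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(got, want)

def entries(text):
    """Yield (line_no, host_field, key_type, key) for each ordinary key line."""
    for no, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if len(parts) >= 3 and not line.startswith(("#", "@")):
            yield no, parts[0], parts[1], parts[2]

def lookup(text, host):
    """Keys recorded for host, found without the file ever naming it."""
    return [(t, k) for _, f, t, k in entries(text) if field_matches(f, host)]

def unhashed_lines(text):
    """Line numbers that still expose host names in plain text."""
    return [no for no, f, _, _ in entries(text) if not f.startswith(MAGIC)]

# Constructed sample: hosts and key blobs are placeholders, not real keys.
SAMPLE = "\n".join([
    hash_host("git.example.org", b"0" * 20) + " ssh-ed25519 AAAAC3constructedKey1",
    "build.example.org,192.0.2.10 ssh-rsa AAAAB3constructedKey2",
])

if __name__ == "__main__":
    print(SAMPLE)
    print("git.example.org ->", lookup(SAMPLE, "git.example.org"))
    print("plain-text lines:", unhashed_lines(SAMPLE))
```

Turning on HashKnownHosts only affects entries written afterwards; `ssh-keygen -H` hashes an existing file, and `ssh-keygen -F hostname` performs the lookup shown here.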

DSA-610 cscope - insecure temporary file

A vulnerability has been discovered in cscope, a program to
interactively examine C source code, which may allow local users to
overwrite files via a symlink attack.

DSA-609 atari800 - buffer overflows

Adam Zabrocki discovered multiple buffer overflows in atari800, an
Atari emulator. In order to directly access graphics hardware, one of
the affected programs is installed setuid root. A local attacker
could exploit this vulnerability to gain root privileges.

DSA-608 zgv - integer overflows, unsanitised input

Several vulnerabilities have been discovered in zgv, an SVGAlib
graphics viewer for the i386 architecture. The Common Vulnerabilities
and Exposures Project identifies the following problems:

DSA-607 xfree86 - several vulnerabilities

Several developers have discovered a number of problems in the libXpm
library which is provided by X.Org, XFree86 and LessTif. These bugs
can be exploited by remote and/or local attackers to gain access to
the system or to escalate their local privileges, by using a specially
crafted XPM image.

DSA-606 nfs-utils - wrong signal handler

SGI has discovered that rpc.statd from the nfs-utils package, the
Network Status Monitor, did not ignore the "SIGPIPE". Hence, a client
prematurely terminating the TCP connection could also terminate the
server process.

DSA-605 viewcvs - settings not honored

Haris Sehic discovered several vulnerabilities in viewcvs, a utility
for viewing CVS and Subversion repositories via HTTP. When exporting
a repository as a tar archive the hide_cvsroot and forbidden settings
were not honoured enough.

DSA-604 hpsockd - missing input sanitising

"infamous41md" discovered a buffer overflow condition in hpsockd, the
socks server written at Hewlett-Packard. An exploit could cause the
program to crash or may have worse effect.

DSA-603 openssl - insecure temporary file

Trustix developers discovered insecure temporary file creation in a
supplemental script (der_chop) of the openssl package which may allow
local users to overwrite files via a symlink attack.

DSA-601 libgd - integer overflow

More potential integer overflows have been found in the GD graphics
library which weren't covered by our security advisory DSA 589. They
could be exploited by a specially crafted graphic and could lead to
the execution of arbitrary code on the victim's machine.