Package: libfcgi-perl Version: 0.78-2 Severity: normal I closed #815840 with the upload that fixed CVE-2012-6687, but Tianon rightly suggests that the best solution would be to use libfcgi-dev and ignore the bundled version of libfcgi.
This doesn't seem to be so simple, though; he is running into undefined symbols, and I noticed that the RCS version header for os_unix.c is _newer_ in libfcgi-perl than what's in libfcgi-dev. Plus libfgi upstream seems dead as in "after many quiet years, the mailing list address boundes"... Florian
