A problem has been discovered in slocate, a secure locate replacement.
A buffer overflow in the setgid program slocate can be used to execute
arbitrary code as group slocate. This can be used to alter the
slocate database.
For the stable distribution (woody) this problem has been
fixed in version 2.6-1.3.1.
The old stable distribution (potato) is not affected by this problem.
For the unstable distribution (sid) this problem has been fixed in
version 2.7-1.
We recommend that you upgrade your slocate package immediately.