Guido Bakker has reported a local root vulnerability that can result
in local users gaining root permission on a host running
koules.sndsrv.linux using a buffer overflow.
Debian does not ship koules or parts of it setuid root and thus is not
vulnerable to this exploit.
