diff -Nru apport-0.119/debian/apport.cron.daily apport-0.119.1/debian/apport.cron.daily
--- apport-0.119/debian/apport.cron.daily 2008-10-20 12:54:54.000000000 +0200
+++ apport-0.119.1/debian/apport.cron.daily 2009-04-15 21:43:57.000000000 +0200
@@ -1,5 +1,5 @@
 #!/bin/sh -e
 # clean all crash reports which are older than a week.
 [ -d /var/crash ] || exit 0
-find /var/crash -mindepth 1 -mtime +7 -print0 | xargs -0 rm -f
-find /var/crash -mindepth 1 -empty -print0 | xargs -0 rm -f
+find /var/crash -mindepth 1 -maxdepth 1 \( -type f -o -type l \) -mtime +7 -print0 | xargs -0 rm -f
+find /var/crash -mindepth 1 -maxdepth 1 \( -type f -o -type l \) -empty -print0 | xargs -0 rm -f
diff -Nru apport-0.119/debian/changelog apport-0.119.1/debian/changelog
--- apport-0.119/debian/changelog 2008-10-23 09:34:45.000000000 +0200
+++ apport-0.119.1/debian/changelog 2009-04-15 21:44:29.000000000 +0200
@@ -1,3 +1,14 @@
+apport (0.119.1) intrepid-security; urgency=low
+
+ * etc/cron.daily/apport: Only attempt to remove files and symlinks, do not
+ descend into subdirectories of /var/crash/. Doing so might be exploited by
+ a symlink attack in an evil fuse file system or a race condition between
+ find traversing a huge directory tree, changing an existing subdir into a
+ symlink to e. g. /etc/, and finally getting that piped to rm. Thanks to
+ Stephane Chazelas for discovering this! (LP: #357024)
+
+ -- Martin Pitt Wed, 15 Apr 2009 21:44:09 +0200
+
 apport (0.119) intrepid; urgency=low
 
  * debian/apport.default: Disable Apport by default for the final release.
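Review bot: The two rewritten find lines still hand each path to rm through `xargs`, so the type/depth check find performs and the unlink rm performs happen at different times on a path that is resolved again from scratch; the remaining window is low-impact because `rm -f` without `-r` only unlinks the named entry, but GNU find's `-delete` (available on Debian/Ubuntu findutils) removes the pipe and the second path resolution entirely and is the usual hardening for this pattern. In the second line `-empty` only matches regular files or directories, so the `-type l` alternative there appears to be dead and is misleading to a reader. Suggested replacements: `find /var/crash -mindepth 1 -maxdepth 1 \( -type f -o -type l \) -mtime +7 -delete` and `find /var/crash -mindepth 1 -maxdepth 1 -type f -empty -delete`. The hunk covers the whole cron script, so no enclosing code lies outside it.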