The attached debdiff resolves this bug and #491637 for Karmic. It's using patches derived from upstream, and builds cleanly. I have tested installation and basic functionality. I have not tried to reproduce the known exploit for one of the bugs.
There is also a minor string change in the ubuntu-banner patch to make the suggested reporting URL more correct.
If this debdiff is accepted into-security, i'll prepare other ones for targeted releases for #491637.
The attached debdiff resolves this bug and #491637 for Karmic. It's using patches derived from upstream, and builds cleanly. I have tested installation and basic functionality. I have not tried to reproduce the known exploit for one of the bugs.
There is also a minor string change in the ubuntu-banner patch to make the suggested reporting URL more correct.
If this debdiff is accepted into-security, i'll prepare other ones for targeted releases for #491637.