diff -u python-cherrypy-2.2.1/debian/changelog python-cherrypy-2.2.1/debian/changelog
--- python-cherrypy-2.2.1/debian/changelog
+++ python-cherrypy-2.2.1/debian/changelog
@@ -1,3 +1,16 @@
+python-cherrypy (2.2.1-3ubuntu0.1) edgy-security; urgency=low
+
+  * SECURITY UPDATE: directory traversal via session cookie ID.
+    - debian/patches/10_CVE-2008-0252.diff: Add. Ensure that the path
+      generated from the session ID is within the session directory. Patch
+      from upstream SVN. (LP: #187481)
+    - References:
+      + CVE-2008-0252
+  * Modify Maintainer value to match the DebianMaintainerField
+    specification.
+
+ -- William Grant <william.grant@ubuntu.org.au>  Mon, 10 Mar 2008 10:11:11 +1100
+
 python-cherrypy (2.2.1-3) unstable; urgency=low
 
   * debian/rules, debian/control:
diff -u python-cherrypy-2.2.1/debian/control python-cherrypy-2.2.1/debian/control
--- python-cherrypy-2.2.1/debian/control
+++ python-cherrypy-2.2.1/debian/control
@@ -1,7 +1,8 @@
 Source: python-cherrypy
 Section: python
 Priority: optional
-Maintainer: Gustavo Noronha Silva <kov@debian.org>
+Maintainer: Ubuntu MOTU Developers <ubuntu-motu@lists.ubuntu.com>
+XSBC-Original-Maintainer: Gustavo Noronha Silva <kov@debian.org>
 Uploaders: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>
 Build-Depends: cdbs (>= 0.4.41), debhelper (>= 5.0.37.1), python-setuptools (>= 0.6a9-1)
 Build-Depends-Indep: python-dev, python-support (>= 0.2.3)
only in patch2:
unchanged:
--- python-cherrypy-2.2.1.orig/debian/patches/10_CVE-2008-0252.diff
+++ python-cherrypy-2.2.1/debian/patches/10_CVE-2008-0252.diff
@@ -0,0 +1,12 @@
+diff -Nur -x '*.orig' -x '*~' python-cherrypy-2.2.1/cherrypy/filters/sessionfilter.py python-cherrypy-2.2.1.new/cherrypy/filters/sessionfilter.py
+--- python-cherrypy-2.2.1/cherrypy/filters/sessionfilter.py	2006-04-25 11:37:45.000000000 +1000
++++ python-cherrypy-2.2.1.new/cherrypy/filters/sessionfilter.py	2008-03-09 15:43:41.000000000 +1100
+@@ -326,6 +326,8 @@
+             raise SessionStoragePathNotConfiguredError()
+         fileName = self.SESSION_PREFIX + id
+         file_path = os.path.join(storage_path, fileName)
++        if not os.path.normpath(file_path).startswith(storage_path):
++            raise cherrypy.HTTPError(400, "Invalid session id in cookie.")
+         return file_path
+     
+     def _lock_file(self, path):
only in patch2:
unchanged: