diff -u drupal5-5.18/debian/changelog drupal5-5.18/debian/changelog
--- drupal5-5.18/debian/changelog
+++ drupal5-5.18/debian/changelog
@@ -1,3 +1,14 @@
+drupal5 (5.18-1.1ubuntu2.1) karmic-security; urgency=low
+
+  * debian/patches/22_SA-CORE-2009-009.dpatch:
+    - SECURITY UPDATE due to multiple vulnerabilities
+      and weaknesses were discovered in Drupal (LP: #510421)
+    - CVE-2009-4369
+    - CVE-2009-4370
+    - CVE-2009-4371
+
+ -- Artur Rona <ari-tczew@tlen.pl>  Mon, 22 Feb 2010 00:11:25 +0100
+
 drupal5 (5.18-1.1ubuntu2) karmic; urgency=low
 
   * debian/patches/21_SA-CORE-2009-008.dpatch:
diff -u drupal5-5.18/debian/patches/00list drupal5-5.18/debian/patches/00list
--- drupal5-5.18/debian/patches/00list
+++ drupal5-5.18/debian/patches/00list
@@ -4,0 +5 @@
+22_SA-CORE-2009-009
only in patch2:
unchanged:
--- drupal5-5.18.orig/debian/patches/22_SA-CORE-2009-009.dpatch
+++ drupal5-5.18/debian/patches/22_SA-CORE-2009-009.dpatch
@@ -0,0 +1,24 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 22_SA-CORE-2009-009.dpatch by Artur Rona <ari-tczew@tlen.pl>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Multiple vulnerabilities and weaknesses were discovered in Drupal.
+##
+## Ubuntu: https://bugs.launchpad.net/bugs/510421
+## Upstream: http://drupal.org/node/661586
+## Patch: http://drupal.org/files/sa-core-2009-009/SA-CORE-2009-009-5.20.patch
+
+@DPATCH@
+
+diff -pruN -x '*~' drupal-5.10.orig/modules/contact/contact.module drupal-5.10/modules/contact/contact.module
+--- drupal-5.10.orig/modules/contact/contact.module	2007-06-05 09:18:05.000000000 +0200
++++ drupal-5.10/modules/contact/contact.module	2009-12-20 22:08:32.000000000 +0100
+@@ -145,7 +145,7 @@ function contact_admin_categories() {
+   $result = db_query('SELECT cid, category, recipients, selected FROM {contact} ORDER BY weight, category');
+   $rows = array();
+   while ($category = db_fetch_object($result)) {
+-    $rows[] = array($category->category, $category->recipients, ($category->selected ? t('Yes') : t('No')), l(t('edit'), 'admin/build/contact/edit/'. $category->cid), l(t('delete'), 'admin/build/contact/delete/'. $category->cid));
++    $rows[] = array(check_plain($category->category), check_plain($category->recipients), ($category->selected ? t('Yes') : t('No')), l(t('edit'), 'admin/build/contact/edit/'. $category->cid), l(t('delete'), 'admin/build/contact/delete/'. $category->cid));
+   }
+   $header = array(t('Category'), t('Recipients'), t('Selected'), array('data' => t('Operations'), 'colspan' => 2));
+