diff -u eggdrop-1.6.19/debian/changelog eggdrop-1.6.19/debian/changelog
--- eggdrop-1.6.19/debian/changelog
+++ eggdrop-1.6.19/debian/changelog
@@ -1,3 +1,21 @@
+eggdrop (1.6.19-1.2ubuntu1) karmic; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - debian/patches/eggdrop-1.6.19-ssl.patch.
+ - debian/rules: Added check for SSL.
+ - debian/control: Added libssl-dev.
+
+ -- Savvas Radevic Fri, 15 May 2009 20:58:58 +0100
+
+eggdrop (1.6.19-1.2) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Apply upstream patch to fix incomplete patch for CVE-2007-2807,
+ buffer can still overflow in case of strlen(ctcpbuf) returning
+ zero (Closes: #427157).
+
+ -- Nico Golde Fri, 15 May 2009 13:43:17 +0200
+
 eggdrop (1.6.19-1.1ubuntu1) intrepid; urgency=low

 * Merge from Debian unstable (LP: #272382). Remaining Ubuntu changes:
@@ -338,7 +356,7 @@
 machine-independent data is in /usr/share/eggdrop

 -- Ian Eure Fri, 17 Nov 2000 11:43:49 -0800
-
+
 eggdrop (1.3.28-2) unstable; urgency=low

 * Erm, let's try that again .. should actually work this time.
@@ -430 +447,0 @@
-
only in patch2:
unchanged:
--- eggdrop-1.6.19.orig/debian/patches/02_incompCVE-2007-2807.patch
+++ eggdrop-1.6.19/debian/patches/02_incompCVE-2007-2807.patch
@@ -0,0 +1,12 @@
+diff -Nurad eggdrop-1.6.19.orig/src/mod/server.mod/servmsg.c eggdrop-1.6.19/src/mod/server.mod/servmsg.c
+--- eggdrop-1.6.19.orig/src/mod/server.mod/servmsg.c 2009-05-15 13:47:19.000000000 +0200
++++ eggdrop-1.6.19/src/mod/server.mod/servmsg.c 2009-05-15 13:47:50.000000000 +0200
+@@ -490,7 +490,7 @@
+ ctcp = ctcpbuf;
+ /* copy the part after the second : in front of it after
+ * the first :, this is temporary copied to ctcpbuf */
+- strncpy(p1 - 1, p + 1, strlen(ctcpbuf) - 1);
++ memmove(p1 - 1, p + 1, strlen(p + 1) + 1);
+
+ if (!ignoring)
+ detect_flood(nick, uhost, from,
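Review bot: The new line `memmove(p1 - 1, p + 1, strlen(p + 1) + 1);` in the servmsg.c hunk has no comment explaining why it uses memmove or where the length comes from, and the comment above it still only describes the copy. This line has now been corrected twice for CVE-2007-2807, so I would add `/* src and dst overlap, so memmove; length is the tail after p plus its NUL, never taken from ctcpbuf */` directly above it (p1 and p appear to point into the same message buffer, which is worth confirming). That guards against a later edit reintroducing a length like the old `strlen(ctcpbuf) - 1`, which wraps to a huge size_t when ctcpbuf is empty, as the changelog entry describes. The bounded copy into ctcpbuf that precedes `ctcp = ctcpbuf;` lies outside the hunk, as do the start and end of the enclosing function, so check that the packaged source still carries that bound.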