diff -u glibc-2.8~20080505/debian/changelog glibc-2.8~20080505/debian/changelog
--- glibc-2.8~20080505/debian/changelog
+++ glibc-2.8~20080505/debian/changelog
@@ -1,3 +1,11 @@
+glibc (2.8~20080505-0ubuntu8) intrepid-proposed; urgency=low
+
+  * Add debian/patches/ubuntu/no-sprintf-pre-truncate.diff: do not
+    pre-clear target buffers on sprintf to retain backward compatibility
+    (LP: #305901).
+
+ -- Kees Cook <kees@ubuntu.com>  Wed, 07 Jan 2009 20:15:15 -0800
+
 glibc (2.8~20080505-0ubuntu7) intrepid; urgency=low
 
   * Add debian/patches/ubuntu/stack-guard-quick-randomization.diff: do
diff -u glibc-2.8~20080505/debian/patches/series glibc-2.8~20080505/debian/patches/series
--- glibc-2.8~20080505/debian/patches/series
+++ glibc-2.8~20080505/debian/patches/series
@@ -88,0 +89 @@
+ubuntu/no-sprintf-pre-truncate.diff
only in patch2:
unchanged:
--- glibc-2.8~20080505.orig/debian/patches/ubuntu/no-sprintf-pre-truncate.diff
+++ glibc-2.8~20080505/debian/patches/ubuntu/no-sprintf-pre-truncate.diff
@@ -0,0 +1,14 @@
+Index: glibc-2.9/debug/vsprintf_chk.c
+===================================================================
+--- glibc-2.9.orig/debug/vsprintf_chk.c	2008-12-23 21:30:07.000000000 -0800
++++ glibc-2.9/debug/vsprintf_chk.c	2008-12-23 21:30:19.000000000 -0800
+@@ -76,7 +76,9 @@
+ 
+   _IO_no_init (&f._sbf._f, _IO_USER_LOCK, -1, NULL, NULL);
+   _IO_JUMPS ((struct _IO_FILE_plus *) &f._sbf) = &_IO_str_chk_jumps;
++/*
+   s[0] = '\0';
++*/
+   _IO_str_init_static_internal (&f, s, slen - 1, s);
+ 
+   /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n