diff -u gsambad-0.1.4/debian/patches/00list gsambad-0.1.4/debian/patches/00list --- gsambad-0.1.4/debian/patches/00list +++ gsambad-0.1.4/debian/patches/00list @@ -3,0 +4 @@ +04-cve-2007-2838 diff -u gsambad-0.1.4/debian/control gsambad-0.1.4/debian/control --- gsambad-0.1.4/debian/control +++ gsambad-0.1.4/debian/control @@ -1,7 +1,8 @@ Source: gsambad Section: admin Priority: optional -Maintainer: Daniel Baumann +Maintainer: Ubuntu MOTU Developers +XSBC-Original-Maintainer: Daniel Baumann Build-Depends: debhelper (>= 4.0), dpatch, autotools-dev, libgtk2.0-dev Standards-Version: 3.7.2 diff -u gsambad-0.1.4/debian/changelog gsambad-0.1.4/debian/changelog --- gsambad-0.1.4/debian/changelog +++ gsambad-0.1.4/debian/changelog @@ -1,4 +1,17 @@ -gsambad (0.1.4-2) unstable; urgency=medium +gsambad (0.1.4-2ubuntu0.1) feisty-security; urgency=low + + * SECURITY UPDATE: allows local users to overwrite arbitrary files via a + symlink attack + * debian/patches/04-cve-2007-2838.dpatch: Avoid unsafe usage of temporary files. + (Modified patch from gsambad 0.1.4-2-etch1) + * References: + DSA-1327 + CVE-2007-2838 + * Set Maintainer to match DebianMaintainerSpec + + -- Michael Bienia Tue, 10 Jul 2007 18:36:20 +0200 + +gsambad (0.1.4-2) unstable; urgency=medium * Adjusting the icondir. * Makeing use of su-to-root in the desktop file. only in patch2: unchanged: --- gsambad-0.1.4.orig/debian/patches/04-cve-2007-2838.dpatch +++ gsambad-0.1.4/debian/patches/04-cve-2007-2838.dpatch 
@@ -0,0 +1,51 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 04-cve-2007-2838.dpatch by Michael Bienia
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: CVE-2007-2838: Unsafe tmp file usage.
+
+@DPATCH@
+diff -urNad gsambad-0.1.4~/src/populate_conns.c gsambad-0.1.4/src/populate_conns.c
+--- gsambad-0.1.4~/src/populate_conns.c 2006-07-21 01:04:44.000000000 +0200
++++ gsambad-0.1.4/src/populate_conns.c 2007-07-10 18:41:47.000000000 +0200
+@@ -48,6 +48,9 @@
+ long file_size=0, old_pos=0;
+ gchar *combined=NULL;
+ gchar *utf8=NULL;
++ char command_buffer[1024];
++ char filename[] = "/tmp/gsambad-XXXXXX";
++ int tmpfd = -1;
+
+ gtk_list_store_clear(widgets->conns_store);
+
+@@ -64,8 +67,19 @@
+ fflush(stdin);
+ fflush(stdout);
+
+- /* Write the output of smbstatus to a tempfile, FIXME: Static paths and generally notgoodtoday */
+- if((fp=popen("touch /tmp/gsambadtmp && chmod 600 /tmp/gsambadtmp && smbstatus 2>&1> /tmp/gsambadtmp", "w"))==NULL)
++ /* make a secure temporary file */
++ tmpfd = mkstemp(filename);
++ if (tmpfd < 0) {
++ perror("Couldn't create safe tmp file");
++ return;
++ }
++ close(tmpfd);
++
++ /* Write the output of smbstatus to a tempfile. */
++ snprintf( command_buffer, sizeof(command_buffer) - 1,
++ "smbstatus 2>&1> %s", filename );
++
++ if((fp=popen(command_buffer, "w"))==NULL)
+ {
+ /* Dont show a popup */
+ return;
+@@ -73,7 +87,7 @@
+ pclose(fp);
+
+ /* We want it in a tempfile so we can scroll around in it properly */
+- if((fp=fopen("/tmp/gsambadtmp", "r"))==NULL) // FIXME: Static paths
++ if((fp=fopen(filename, "r"))==NULL) // FIXME: Static paths
+ {
+ /* Dont show a popup */
+ return;
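Review bot: The two early `return;` paths reached after `mkstemp()` has succeeded (the `popen` failure in the `-64,8 +67,19` hunk and the `fopen` failure in `-73,7 +87,7`) leave the `/tmp/gsambad-XXXXXX` file behind, and no `unlink(filename)` appears anywhere in the patch, so each refresh can leave a new file in /tmp where the old fixed name was at least reused; add `unlink(filename);` before each of those returns and once the file has been read. The function body continues outside the nested hunks, so the success path may already clean up elsewhere, which should be confirmed. Closing `tmpfd` and then reopening the file by name (through the shell redirect and `fopen`) is safe only because the 0600 file lives in a sticky-bit directory; keeping the descriptor open and reading it via `fdopen(tmpfd, "r")` would drop that assumption. Minor: `sizeof(command_buffer) - 1` is unnecessary because `snprintf` already reserves room for the terminator, and the retained `// FIXME: Static paths` comment on the `fopen` line is now stale.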