diff -u ircd-hybrid-7.2.2.dfsg.2/debian/changelog ircd-hybrid-7.2.2.dfsg.2/debian/changelog
--- ircd-hybrid-7.2.2.dfsg.2/debian/changelog
+++ ircd-hybrid-7.2.2.dfsg.2/debian/changelog
@@ -1,3 +1,12 @@
+ircd-hybrid (1:7.2.2.dfsg.2-6ubuntu3) lucid; urgency=low
+
+  * SECURITY UPDATE: integer underflow causes local DoS (LP: #518226)
+    - debian/patches/03_cve-20094016.patch based on upstream patch
+    - CVE 2009-4016
+    
+
+ -- Matt Arnold <mattarnold5@gmail.com>  Sat, 06 Feb 2010 23:41:07 -0500
+
 ircd-hybrid (1:7.2.2.dfsg.2-6ubuntu2) karmic; urgency=low
 
   * Prevent conflict with other ircds remove Conflicts: ircd.
diff -u ircd-hybrid-7.2.2.dfsg.2/debian/patches/00list ircd-hybrid-7.2.2.dfsg.2/debian/patches/00list
--- ircd-hybrid-7.2.2.dfsg.2/debian/patches/00list
+++ ircd-hybrid-7.2.2.dfsg.2/debian/patches/00list
@@ -1,5 +1,6 @@
 #01_no_hardlink => Removed
 02_fhs_comply
+03_cve20094016.dpatch 
 #03_customize_motd => Removed
 #04_opme_no_depend_opless => To adapt
 #05_dont_build_example => Removed
only in patch2:
unchanged:
--- ircd-hybrid-7.2.2.dfsg.2.orig/debian/patches/03_cve20094016.dpatch
+++ ircd-hybrid-7.2.2.dfsg.2/debian/patches/03_cve20094016.dpatch
@@ -0,0 +1,21 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 03_int_overflowfix.dpatch by Matt Arnold <mattarnold5@gmail.com>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+@DPATCH@
+diff -urNad ircd-hybrid-7.2.2.dfsg.2~/src/irc_string.c ircd-hybrid-7.2.2.dfsg.2/src/irc_string.c
+--- ircd-hybrid-7.2.2.dfsg.2~/src/irc_string.c	2006-07-17 02:31:26.000000000 -0400
++++ ircd-hybrid-7.2.2.dfsg.2/src/irc_string.c	2010-02-06 18:16:32.000000000 -0500
+@@ -103,7 +103,9 @@
+     }
+     else
+       *d++ = *src;
+-    ++src, --len;
++    if (len > 0) {
++    	++src, --len;
++    }
+   }
+   *d = '\0';
+   return dest;