diff -u ktorrent-1.0/debian/control ktorrent-1.0/debian/control
--- ktorrent-1.0/debian/control
+++ ktorrent-1.0/debian/control
@@ -1,7 +1,8 @@
 Source: ktorrent
 Section: net
 Priority: optional
-Maintainer: Joel Johnson
+Maintainer: Ubuntu MOTU Developers
+XSBC-Original-Maintainer: Joel Johnson
 Build-Depends: debhelper (>= 4.0.0), autotools-dev, kdelibs4-dev, libpcre3-dev, libx11-dev, dpatch
 Standards-Version: 3.6.1
diff -u ktorrent-1.0/debian/changelog ktorrent-1.0/debian/changelog
--- ktorrent-1.0/debian/changelog
+++ ktorrent-1.0/debian/changelog
@@ -1,3 +1,12 @@
+ktorrent (1.0-0ubuntu1.1) breezy; urgency=low
+
+ * SECURITY UPDATE: allows .. in file name which could cause the user
+ to overwrite files (if ran as root, system files).
+ * Add 'debian/patches/kubuntu_04_security_fix.diff': backported upstream fix
+ * References: http://websvn.kde.org/?view=rev&revision=640661
+
+ -- Richard A. Johnson Sun, 11 Mar 2007 12:27:03 -0500
+
 ktorrent (1.0-0ubuntu1) breezy; urgency=low
 * Initial Ubuntu upload
only in patch2:
unchanged:
--- ktorrent-1.0.orig/debian/patches/kubuntu_04_security_fix.diff
+++ ktorrent-1.0/debian/patches/kubuntu_04_security_fix.diff
@@ -0,0 +1,48 @@
+diff -Nru ktorrent-1.0.orig/libtorrent/peer.cpp ktorrent-1.0/libtorrent/peer.cpp
+--- ktorrent-1.0.orig/libtorrent/peer.cpp 2005-07-11 04:22:18.000000000 -0500
++++ ktorrent-1.0/libtorrent/peer.cpp 2007-03-11 13:17:03.000000000 -0500
+@@ -161,11 +161,20 @@
+ {
+ Out() << "len err HAVE" << endl;
+ error(0);
+- return;
+ }
+-
+- haveChunk(this,ReadUint32(tmp_buf,1));
+- pieces.set(ReadUint32(tmp_buf,1),true);
++ else
++ {
++ Uint32 ch = ReadUint32(tmp_buf,1);
++ if (ch < pieces.getNumBits())
++ {
++ haveChunk(this,ch);
++ pieces.set(ch,true);
++ }
++ else
++ {
++ error(0);
++ }
++ }
+ break;
+ case BITFIELD:
+ if (len != 1 + pieces.getNumBytes())
+diff -Nru ktorrent-1.0.orig/libtorrent/torrent.cpp ktorrent-1.0/libtorrent/torrent.cpp
+--- ktorrent-1.0.orig/libtorrent/torrent.cpp 2005-07-11 04:22:18.000000000 -0500
++++ ktorrent-1.0/libtorrent/torrent.cpp 2007-03-11 13:09:39.000000000 -0500
+@@ -132,9 +132,13 @@
+ if (!v || v->data().getType() != Value::STRING)
+ throw Error("Corrupted torrent !");
+
+- file.path += v->data().toString(encoding);
+- if (j + 1 < ln->getNumChildren())
+- file.path += "/";
++ QString sd = v->data().toString(encoding);
++ if (sd != "..")
++ {
++ file.path += sd;
++ if (j + 1 < ln->getNumChildren())
++ file.path += bt::DirSeparator();
++ }
+ }
+ files.append(file);
+ }
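Review bot: The new check in torrent.cpp (`if (sd != "..")`) only drops a path component that is exactly `..`, so a single component that itself contains a directory separator, or an empty component, is still appended to `file.path` unchanged. Skipping the component silently also leaves a trailing separator when the dropped `..` is the last one, and the file ends up under a name the torrent did not describe. The `Corrupted torrent !` throw two lines above already rejects malformed entries, so I would reject here as well, before the append: `if (sd == ".." || sd.isEmpty() || sd.contains('/')) throw Error("Corrupted torrent !");`. The enclosing loop starts outside the hunk, so whether the joined path is later checked against the download directory is not visible here.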