diff -u libapache2-mod-fcgid-2.3.5/debian/control libapache2-mod-fcgid-2.3.5/debian/control
--- libapache2-mod-fcgid-2.3.5/debian/control
+++ libapache2-mod-fcgid-2.3.5/debian/control
@@ -1,7 +1,8 @@
 Source: libapache2-mod-fcgid
 Section: httpd
 Priority: optional
-Maintainer: Tatsuki Sugiura <sugi@nemui.org>
+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
+XSBC-Original-Maintainer: Tatsuki Sugiura <sugi@nemui.org>
 Build-Depends: debhelper (>= 5.0.0), apache2-threaded-dev (>= 2.2.3-2), libtool, cdbs, libapr1-dev, pkg-config, dpatch
 Standards-Version: 3.8.4
 Uploaders: Taku YASUI <tach@debian.or.jp>
diff -u libapache2-mod-fcgid-2.3.5/debian/changelog libapache2-mod-fcgid-2.3.5/debian/changelog
--- libapache2-mod-fcgid-2.3.5/debian/changelog
+++ libapache2-mod-fcgid-2.3.5/debian/changelog
@@ -1,3 +1,11 @@
+libapache2-mod-fcgid (1:2.3.5-2ubuntu0.1) maverick-security; urgency=low
+
+  * SECURITY UPDATE: possible stack buffer overwrite (LP: #698060)
+    - modules/fcgid/fcgid_bucket.c: patch from upstream
+    - CVE-2010-3872
+
+ -- Felix Geyer <debfx-pkg@fobos.de>  Thu, 06 Jan 2011 13:12:50 +0100
+
 libapache2-mod-fcgid (1:2.3.5-2) unstable; urgency=low
 
   * Fix build problem with new ash (Closes: #583025)
only in patch2:
unchanged:
--- libapache2-mod-fcgid-2.3.5.orig/modules/fcgid/fcgid_bucket.c
+++ libapache2-mod-fcgid-2.3.5/modules/fcgid/fcgid_bucket.c
@@ -96,7 +96,7 @@
 
         /* Initialize header */
         putsize = fcgid_min(bufferlen, sizeof(header) - hasread);
-        memcpy(&header + hasread, buffer, putsize);
+        memcpy((apr_byte_t *)&header + hasread, buffer, putsize);
         hasread += putsize;
 
         /* Ignore the bytes that have read */