diff -u libnet-dns-perl-0.60/debian/patches/00list libnet-dns-perl-0.60/debian/patches/00list
--- libnet-dns-perl-0.60/debian/patches/00list
+++ libnet-dns-perl-0.60/debian/patches/00list
@@ -2,0 +3 @@
+42_CVE-2007-6341.dpatch
diff -u libnet-dns-perl-0.60/debian/changelog libnet-dns-perl-0.60/debian/changelog
--- libnet-dns-perl-0.60/debian/changelog
+++ libnet-dns-perl-0.60/debian/changelog
@@ -1,3 +1,17 @@
+libnet-dns-perl (0.60-1ubuntu0.1) gutsy-security; urgency=low
+
+ * SECURITY UPDATE:
+ + debian/patches/42_CVE-2007-6341.dpatch (LP: #201454)
+ - used in packages such as SpamAssassin and OTRS, allows remote
+ attackers to cause a denial of service (program "croak") via a
+ crafted DNS response.
+
+ * References
+ + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6341
+ + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457445
+
+ -- Emanuele Gentili Sun, 23 Mar 2008 19:12:20 +0100
+
 libnet-dns-perl (0.60-1) unstable; urgency=medium

 * New upstream release (closes: bug#430871).
only in patch2:
unchanged:
--- libnet-dns-perl-0.60.orig/debian/patches/42_CVE-2007-6341.dpatch
+++ libnet-dns-perl-0.60/debian/patches/42_CVE-2007-6341.dpatch
@@ -0,0 +1,19 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 42_CVE-2007-6341.dpatch by Emanuele Gentili
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+@DPATCH@
+diff -urNad libnet-dns-perl-0.60~/lib/Net/DNS/RR/A.pm libnet-dns-perl-0.60/lib/Net/DNS/RR/A.pm
+--- libnet-dns-perl-0.60~/lib/Net/DNS/RR/A.pm 2007-06-21 16:40:00.000000000 +0200
++++ libnet-dns-perl-0.60/lib/Net/DNS/RR/A.pm 2008-03-23 19:11:18.000000000 +0100
+@@ -18,7 +18,7 @@
+ sub new {
+ my ($class, $self, $data, $offset) = @_;
+
+- if ($self->{"rdlength"} > 0) {
++ if ($self->{"rdlength"} >= 4) {
+ $self->{"address"} = inet_ntoa(substr($$data, $offset, 4));
+ }
+
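Review bot: The new guard in `new` (the inner hunk carried by 42_CVE-2007-6341.dpatch) tests only the declared `rdlength`, not that `$$data` actually holds four octets at `$offset`; unless the packet parser that calls `new` (outside this hunk) has already verified that the RDATA fits in the buffer, a truncated response would still hand `inet_ntoa` a short string and croak as before. `>= 4` also accepts over-long RDATA and silently uses its first four bytes, whereas an A record's RDATA is exactly four octets, so a tighter form is `if ($self->{"rdlength"} == 4 && length($$data) >= $offset + 4) {`. Records with a 1–3 byte RDATA are now kept with no `address` set, so a comment such as `# malformed A RDATA: leave address undefined rather than croak (CVE-2007-6341)` would tell callers to expect undef there. The dpatch header still reads `## DP: No description.` and should summarise the fix in one line. The body of `new` continues past the end of the hunk.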