diff -u lighttpd-1.4.11/debian/patches/00list lighttpd-1.4.11/debian/patches/00list
--- lighttpd-1.4.11/debian/patches/00list
+++ lighttpd-1.4.11/debian/patches/00list
@@ -1,0 +2,2 @@
+05_security_zero_mtime_crash
+
diff -u lighttpd-1.4.11/debian/control lighttpd-1.4.11/debian/control
--- lighttpd-1.4.11/debian/control
+++ lighttpd-1.4.11/debian/control
@@ -1,7 +1,8 @@
 Source: lighttpd
 Section: web
 Priority: optional
-Maintainer: Debian lighttpd maintainers <pkg-lighttpd-maintainers@lists.alioth.debian.org>
+Maintainer: Ubuntu MOTU Developers <ubuntu-motu@lists.ubuntu.com>
+XSBC-Original-Maintainer: Debian lighttpd maintainers <pkg-lighttpd-maintainers@lists.alioth.debian.org>
 Uploaders: Krzysztof Krzyzaniak (eloy) <eloy@debian.org>, Torsten Marek <shlomme@gmx.net>
 Build-Depends: debhelper (>= 5.0.0), cdbs, libssl-dev, zlib1g-dev, libbz2-dev, libpcre3-dev, libmysqlclient15-dev, libldap2-dev, libfcgi-dev, libgdbm-dev, liblua50-dev, liblualib50-dev, dpatch, patchutils
 Standards-Version: 3.6.2.0
diff -u lighttpd-1.4.11/debian/changelog lighttpd-1.4.11/debian/changelog
--- lighttpd-1.4.11/debian/changelog
+++ lighttpd-1.4.11/debian/changelog
@@ -1,3 +1,12 @@
+lighttpd (1.4.11-3ubuntu3.2) dapper-proposed; urgency=low
+
+  * Added relevant security fix from 1.4.14 (Closes LP: #107628)
+    - DOS with files with mtime 0 (CVE-2007-1870)
+       security_zero_mtime_crash
+  * Change maintainer to MOTU
+
+ -- Scott Kitterman <scott@kitterman.com>  Tue, 24 Apr 2007 12:04:01 -0400
+
 lighttpd (1.4.11-3ubuntu3.1) dapper-proposed; urgency=low
 
   * debian/init.d: Update to current Debian script
only in patch2:
unchanged:
--- lighttpd-1.4.11.orig/debian/patches/05_security_zero_mtime_crash.dpatch
+++ lighttpd-1.4.11/debian/patches/05_security_zero_mtime_crash.dpatch
@@ -0,0 +1,18 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 05_security_zero_mtime_crash.dpatch by  <scott@kitterman.com>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+@DPATCH@
+diff -urNad lighttpd-1.4.11~/src/server.c lighttpd-1.4.11/src/server.c
+--- lighttpd-1.4.11~/src/server.c	2006-03-04 12:12:17.000000000 -0500
++++ lighttpd-1.4.11/src/server.c	2007-04-24 12:06:32.000000000 -0400
+@@ -159,6 +159,7 @@
+ #undef CLEAN
+ 	
+ 	for (i = 0; i < FILE_CACHE_MAX; i++) {
++		srv->mtime_cache[i].mtime = (time_t)-1;
+ 		srv->mtime_cache[i].str = buffer_init();
+ 	}
+