diff -u lookup-el-1.4/debian/changelog lookup-el-1.4/debian/changelog
--- lookup-el-1.4/debian/changelog
+++ lookup-el-1.4/debian/changelog
@@ -1,3 +1,14 @@
+lookup-el (1.4-4ubuntu1) feisty-security; urgency=low
+
+  * SECURITY UPDATE: 
+    - lisp/ndeb-binary.el: Make a temporary subdirectory securely. (LP: #176931)
+
+  * References
+    - http://www.debian.org/security/2007/dsa-1269
+    - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0237
+
+ -- Emanuele Gentili <emgent@emanuele-gentili.com>  Wed, 20 Feb 2008 22:39:29 +0100
+
 lookup-el (1.4-4) unstable; urgency=low
 
   * Add 'emacs-snapshot' in the script to be installed in the current version
only in patch2:
unchanged:
--- lookup-el-1.4.orig/lisp/ndeb-binary.el
+++ lookup-el-1.4/lisp/ndeb-binary.el
@@ -171,8 +171,35 @@
 ;;; Internal functions
 ;;;
 
+(defvar ndeb-binary-temporary-subdirectory nil)
+
+(defun ndeb-binary-temporary-subdirectory-initialize ()
+  "Initialize temporary subdirectory for ndeb-binary."
+  (setq ndeb-binary-temporary-subdirectory
+	(make-temp-name (ndeb-binary-expand-file-name
+			 "nb" ndeb-binary-temporary-directory)))
+  (make-directory ndeb-binary-temporary-subdirectory) ;; error if already exists
+  (set-file-modes ndeb-binary-temporary-subdirectory 448) ;; octal 0700
+  (add-hook 'kill-emacs-hook 'ndeb-binary-temporary-subdirectory-cleanup))
+
+(defun ndeb-binary-temporary-subdirectory-cleanup ()
+  "Cleanup temporary subdirectory for ndeb-binary."
+  (remove-hook 'kill-emacs-hook 'ndeb-binary-temporary-subdirectory-cleanup)
+  (if (and ndeb-binary-temporary-subdirectory
+	   (file-directory-p ndeb-binary-temporary-subdirectory))
+      (condition-case nil
+	  (let ((files (directory-files ndeb-binary-temporary-subdirectory
+					'full "[^.]" 'nosort)))
+	    (while files
+	      (delete-file (car files))
+	      (setq files (cdr files)))
+	    (delete-directory ndeb-binary-temporary-subdirectory))
+	(error nil)))
+  (setq ndeb-binary-temporary-subdirectory nil))
+
 (defun ndeb-binary-initialize ()
   "Initialize ndeb-binary module."
+  (ndeb-binary-temporary-subdirectory-initialize)
   (unless ndeb-binary-link-map
     (setq ndeb-binary-link-map (copy-keymap lookup-content-mode-map))
     (define-key ndeb-binary-link-map "\C-m" 'ndeb-binary-follow-link)
@@ -234,9 +261,9 @@
 	     (rest 10))
 	(setq name (catch 'done
 		     (while (< 0 rest)
-		       (let ((name (ndeb-binary-expand-file-name
-				    (make-temp-name "nb")
-				    ndeb-binary-temporary-directory)))
+		       (let ((name (make-temp-name
+				    (ndeb-binary-expand-file-name
+				     "nb" ndeb-binary-temporary-subdirectory))))
 			 (when suffix
 			   (setq name (concat name "." suffix)))
 			 (unless (file-exists-p name)
@@ -441,8 +468,9 @@
 (defun ndeb-binary-insert-color-image (dictionary type target)
   "Insert an inline color image of type TYPE."
   (when (lookup-inline-image-p type)
-    (let ((file (ndeb-binary-expand-file-name
-		 (make-temp-name "nb") ndeb-binary-temporary-directory)))
+    (let ((file (make-temp-name
+		 (ndeb-binary-expand-file-name
+		  "nb" ndeb-binary-temporary-subdirectory))))
       (ndeb-binary-extract dictionary type target nil file)
       (insert ?\n)
       (lookup-img-file-insert file type)