diff -Nru lxterminal-0.1.11/debian/changelog lxterminal-0.1.11/debian/changelog
--- lxterminal-0.1.11/debian/changelog 2012-11-06 16:09:13.000000000 -0600
+++ lxterminal-0.1.11/debian/changelog 2017-07-11 01:19:58.000000000 -0500
@@ -1,3 +1,11 @@
+lxterminal (0.1.11-4ubuntu3.1) trusty-security; urgency=high
+
+ * SECURITY UPDATE: insecure /tmp use denial of service (LP: #1690416)
+ - debian/patches/fix-CVE-2016-10369.patch
+ - CVE-2016-10369
+
+ -- Simon Quigley Tue, 11 Jul 2017 01:19:58 -0500
+
 lxterminal (0.1.11-4ubuntu3) raring; urgency=low
 
 * debian/patches:
diff -Nru lxterminal-0.1.11/debian/patches/fix-CVE-2016-10369.patch lxterminal-0.1.11/debian/patches/fix-CVE-2016-10369.patch
--- lxterminal-0.1.11/debian/patches/fix-CVE-2016-10369.patch 1969-12-31 18:00:00.000000000 -0600
+++ lxterminal-0.1.11/debian/patches/fix-CVE-2016-10369.patch 2017-07-11 01:19:08.000000000 -0500
@@ -0,0 +1,22 @@
+Description: use g_get_user_runtime_dir for socket directory
+ This bug is pointed out by stackexchange user that putting socket file in
+ /tmp is a potential risk. Putting the socket dir in user directory could
+ mitigate the risk.
+ .
+ This fixes CVE-2016-10369.
+Author: Yao Wei
+Origin: backport
+Applied-Upstream: f99163c6ff8b2f57c5f37b1ce5d62cf7450d4648
+Last-Update: 2017-07-11
+--- a/src/unixsocket.c
++++ b/src/unixsocket.c
+@@ -120,7 +120,8 @@ gboolean lxterminal_socket_initialize(LX
+ * This function returns TRUE if this process should keep running and FALSE if it should exit. */
+
+ /* Formulate the path for the Unix domain socket. */
+- gchar * socket_path = g_strdup_printf("/tmp/.lxterminal-socket%s-%s", gdk_get_display(), g_get_user_name());
++ gchar * socket_path = g_strdup_printf("%s/.lxterminal-socket-%s", g_get_user_runtime_dir(), gdk_get_display());
++ printf("%s\n", socket_path);
+
+ /* Create socket. */
+ int fd = socket(PF_UNIX, SOCK_STREAM, 0);
diff -Nru lxterminal-0.1.11/debian/patches/series lxterminal-0.1.11/debian/patches/series
--- lxterminal-0.1.11/debian/patches/series 2012-10-30 03:47:03.000000000 -0500
+++ lxterminal-0.1.11/debian/patches/series 2017-07-11 01:19:26.000000000 -0500
@@ -1,3 +1,4 @@
 01-fix-mnemonics.patch
 02-use-theme-icon-main-win.patch
 90_fix_ctrl_c_break.patch
+fix-CVE-2016-10369.patch
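Review bot: The added `printf("%s\n", socket_path);` in the inner unixsocket.c hunk is a leftover debug print that writes the socket path to stdout on every lxterminal start; it is not part of the fix described in the patch header and should be dropped. The new `g_strdup_printf` line also deserves a comment, because `g_get_user_runtime_dir()` falls back to the user cache directory when XDG_RUNTIME_DIR is unset, so in that case the socket still lands on a persistent filesystem and relies on that directory's permissions rather than on a per-session runtime dir — something like `/* XDG_RUNTIME_DIR, or the user cache dir when it is unset; both are per-user, unlike /tmp */`. The enclosing function lxterminal_socket_initialize starts and ends outside the hunk, so whether the subsequent unlink/bind handling copes with a pre-existing path at the new location cannot be checked from here.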