diff -u net-snmp-5.2.1.2/debian/changelog net-snmp-5.2.1.2/debian/changelog
--- net-snmp-5.2.1.2/debian/changelog
+++ net-snmp-5.2.1.2/debian/changelog
@@ -1,3 +1,15 @@
+net-snmp (5.2.1.2-4ubuntu2.4) dapper-security; urgency=low
+
+ * SECURITY-UPDATE: net-analyzer/net-snmp tcp-wrappers vulnerability
+ allowing 3rd parties to access snmpd
+ - 54_CVE-2008-6123: fixes this issue (LP:#3311410)
+ + Added struct netsnmp_udp_addr_pair_s
+ + Replaced netsnmp_udp_fmtaddr in snmplib/snmpUDPDomain.c with the
+ actual version in
+ http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/branches/V5-2-patches/net-snmp/snmplib/snmpUDPDomain.c?revision=17367&view=markup&pathrev=17367
+
+ -- Stephan Hermann Fri, 20 Feb 2009 08:42:41 +0100
+
 net-snmp (5.2.1.2-4ubuntu2.3) dapper-security; urgency=low
 
 * SECURITY UPDATE: authentication bypass via spoofed SNMPv3 packets.
only in patch2:
unchanged:
--- net-snmp-5.2.1.2.orig/debian/patches/54_CVE_2008-6123.patch
+++ net-snmp-5.2.1.2/debian/patches/54_CVE_2008-6123.patch
@@ -0,0 +1,53 @@
+diff -Nur -x '*.orig' -x '*~' net-snmp-5.2.1.2/snmplib/snmpUDPDomain.c net-snmp-5.2.1.2.new/snmplib/snmpUDPDomain.c
+--- net-snmp-5.2.1.2/snmplib/snmpUDPDomain.c 2009-02-20 08:34:51.997236865 +0100
++++ net-snmp-5.2.1.2.new/snmplib/snmpUDPDomain.c 2009-02-20 08:42:10.937275608 +0100
+@@ -62,6 +62,12 @@
+
+ static netsnmp_tdomain udpDomain;
+
++typedef struct netsnmp_udp_addr_pair_s {
++ struct sockaddr_in remote_addr;
++ struct in_addr local_addr;
++} netsnmp_udp_addr_pair;
++
++
+ /*
+ * not static, since snmpUDPIPv6Domain needs it, but not public, either.
+ * (ie don't put it in a public header.)
+@@ -76,20 +82,28 @@
+ static char *
+ netsnmp_udp_fmtaddr(netsnmp_transport *t, void *data, int len)
+ {
+- struct sockaddr_in *to = NULL;
++ netsnmp_udp_addr_pair *addr_pair = NULL;
+
+- if (data != NULL && len == sizeof(struct sockaddr_in)) {
+- to = (struct sockaddr_in *) data;
++ if (data != NULL && len == sizeof(netsnmp_udp_addr_pair)) {
++ addr_pair = (netsnmp_udp_addr_pair *) data;
+ } else if (t != NULL && t->data != NULL) {
+- to = (struct sockaddr_in *) t->data;
++ addr_pair = (netsnmp_udp_addr_pair *) t->data;
+ }
+- if (to == NULL) {
++
++ if (addr_pair == NULL) {
+ return strdup("UDP: unknown");
+ } else {
+- char tmp[64];
+-
+- sprintf(tmp, "UDP: [%s]:%hd",
++ struct sockaddr_in *to = NULL;
++ char tmp[64];
++ to = (struct sockaddr_in *) &(addr_pair->remote_addr);
++ if (to == NULL) {
++ sprintf(tmp, "UDP: unknown->[%s]",
++ inet_ntoa(addr_pair->local_addr));
++ } else {
++ sprintf(tmp, "UDP: [%s]:%hu->",
+ inet_ntoa(to->sin_addr), ntohs(to->sin_port));
++ sprintf(tmp + strlen(tmp), "[%s]", inet_ntoa(addr_pair->local_addr));
++ }
+ return strdup(tmp);
+ }
+ }
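Review bot: `netsnmp_udp_fmtaddr` now casts `t->data` to `netsnmp_udp_addr_pair *` with no size check and accepts `data` only when `len == sizeof(netsnmp_udp_addr_pair)`, yet nothing in this patch changes the code that allocates or fills those buffers. If the receive and transport-setup paths (outside this hunk) still store a bare `struct sockaddr_in`, a per-packet address fails the length test, the function falls back to `t->data`, and `addr_pair->local_addr` is read past the end of the smaller object. The formatted peer would then be the transport's own address rather than the sender's, which matters if, as the changelog suggests, this string feeds the tcp-wrappers access decision. The patch should convert those producers to the pair type in the same change, or keep a branch for the old size such as `else if (data != NULL && len == sizeof(struct sockaddr_in))` that formats only the remote address. Separately, `to` is the address of a struct member and can never be NULL, so the `"UDP: unknown->[%s]"` branch is dead, and both `sprintf` calls would be safer as `snprintf(tmp, sizeof(tmp), ...)`.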