diff -u opendchub-0.8.0/debian/changelog opendchub-0.8.0/debian/changelog
--- opendchub-0.8.0/debian/changelog
+++ opendchub-0.8.0/debian/changelog
@@ -1,3 +1,10 @@
+opendchub (0.8.0-5ubuntu1) lucid; urgency=low
+
+  * Fix Remote Code Execution Exploit (LP:576507)
+    Exploit Causes daemon to crash patch adopted from debian patch (#576308) from upstream
+
+ -- Manny Vindiola <mannyv@gmail.com>  Wed, 05 May 2010 20:59:00 -0400
+
 opendchub (0.8.0-5) unstable; urgency=low
 
   * debian/postrm: Remove logfiles upon purge
diff -u opendchub-0.8.0/debian/patches/series opendchub-0.8.0/debian/patches/series
--- opendchub-0.8.0/debian/patches/series
+++ opendchub-0.8.0/debian/patches/series
@@ -2,0 +3 @@
+fixes/remote-shell-exploit.patch 
only in patch2:
unchanged:
--- opendchub-0.8.0.orig/debian/patches/fixes/remote-shell-exploit.patch
+++ opendchub-0.8.0/debian/patches/fixes/remote-shell-exploit.patch
@@ -0,0 +1,20 @@
+Fixes a remote execution exploit that causes daemon to crash.
+Patch applied from debian http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576308
+
+Exploit proof of concept can be found at:
+http://www.indahax.com/exploits/opendchub-0-8-1-remote-code-execution-exploit#more-600
+
+
+Index: opendchub-0.8.0/src/commands.c
+===================================================================
+--- opendchub-0.8.0.orig/src/commands.c	2010-05-05 20:56:17.049869514 -0400
++++ opendchub-0.8.0/src/commands.c	2010-05-05 20:56:56.000000000 -0400
+@@ -1096,7 +1096,7 @@
+    buf = buf + i + 1;
+    
+    /* validate min upload slots */
+-   sscanf(buf, "%[^S]S:%d", &discard, &user_slots);
++   sscanf(buf, "%*[^S]S:%d", &user_slots);
+    if(user_slots < min_upload_slots)
+      {
+ 	uprintf(user, "Your upload slots are less than the allowed limit. Minimum upload slots for this hub is %d. Please increase your upload slots.|", min_upload_slots);