diff -u phpmyadmin-2.9.1.1/debian/changelog phpmyadmin-2.9.1.1/debian/changelog
--- phpmyadmin-2.9.1.1/debian/changelog
+++ phpmyadmin-2.9.1.1/debian/changelog
@@ -1,3 +1,13 @@
+phpmyadmin (4:2.9.1.1-2ubuntu1) feisty; urgency=low
+
+ * SECURITY: Fix PHP Executor Deep Recursion Stack Overflow
+ * References:
+ http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3
+ https://bugs.launchpad.net/ubuntu/+source/phpmyadmin/+bug/94891
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1325
+
+ -- Martin Jürgens Fri, 23 Mar 2007 12:04:17 +0100
+
 phpmyadmin (4:2.9.1.1-2) unstable; urgency=high
 
 * Backport security-related changes from 2.9.2-rc1:
only in patch2:
unchanged:
--- phpmyadmin-2.9.1.1.orig/debian/patches/031_protect_against_deep_recursion_2.9.patch
+++ phpmyadmin-2.9.1.1/debian/patches/031_protect_against_deep_recursion_2.9.patch
@@ -0,0 +1,23 @@
+Index: phpMyAdmin-2.9.1.1-all-languages-utf-8-only/libraries/common.lib.php
+===================================================================
+--- phpMyAdmin-2.9.1.1-all-languages-utf-8-only.orig/libraries/common.lib.php (revision 10042)
++++ phpMyAdmin-2.9.1.1-all-languages-utf-8-only/libraries/common.lib.php (working copy)
+@@ -510,6 +510,10 @@
+ */
+ function PMA_arrayWalkRecursive(&$array, $function, $apply_to_keys_also = false)
+ {
++ static $recursive_counter = 0;
++ if (++$recursive_counter > 1000) {
++ die('possible deep recursion attack');
++ }
+ foreach ($array as $key => $value) {
+ if (is_array($value)) {
+ PMA_arrayWalkRecursive($array[$key], $function, $apply_to_keys_also);
+@@ -525,6 +529,7 @@
+ }
+ }
+ }
++ $recursive_counter++;
+ }
+
+ /**
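Review bot: The `$recursive_counter++;` added at the end of PMA_arrayWalkRecursive() (inner hunk `@@ -525,6 +529,7 @@`) increments the static counter a second time instead of undoing the entry increment, so the counter measures total calls in the request rather than current nesting depth. Because the static persists across every invocation, a large but shallow input (roughly 500 array visits in total) would pass the `> 1000` check and reach `die()` with no deep nesting involved, so legitimate large submissions could be rejected. The deep-nesting guard itself still fires on descent, but the exit line should read `$recursive_counter--;`. The middle of the function body lies between the two inner hunks and is not visible here, so confirm that no early return skips the decrement.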