diff -u pmount-0.9.18/debian/changelog pmount-0.9.18/debian/changelog
--- pmount-0.9.18/debian/changelog
+++ pmount-0.9.18/debian/changelog
@@ -1,3 +1,10 @@
+pmount (0.9.18-2+lenny1) stable-security; urgency=high
+
+ * 02-fix-CVE-2010-2192.dpatch to fix a security hole, referenced as
+ CVE-2010-2192
+
+ -- Vincent Fourmond Tue, 15 Jun 2010 21:41:17 +0200
+
 pmount (0.9.18-2) unstable; urgency=medium
 
 * Adding Vcs-* fields
diff -u pmount-0.9.18/debian/rules pmount-0.9.18/debian/rules
--- pmount-0.9.18/debian/rules
+++ pmount-0.9.18/debian/rules
@@ -3,6 +3,9 @@
 include /usr/share/cdbs/1/class/autotools.mk
 include /usr/share/cdbs/1/rules/dpatch.mk
 
+# Manually set the lock directory:
+DEB_CONFIGURE_EXTRA_FLAGS = --with-lock-dir=/var/lib/pmount-locks
+
 common-post-build-arch::
 # Generate a POT file
 cd po; intltool-update -p --verbose
diff -u pmount-0.9.18/debian/patches/00list pmount-0.9.18/debian/patches/00list
--- pmount-0.9.18/debian/patches/00list
+++ pmount-0.9.18/debian/patches/00list
@@ -1,0 +2 @@
+02-fix-CVE-2010-2192
only in patch2:
unchanged:
--- pmount-0.9.18.orig/debian/patches/02-fix-CVE-2010-2192.dpatch
+++ pmount-0.9.18/debian/patches/02-fix-CVE-2010-2192.dpatch
@@ -0,0 +1,24 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 02-fix-CVE-2010-2192.dpatch by
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+@DPATCH@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' pmount~/src/policy.c pmount/src/policy.c
+--- pmount~/src/policy.c 2010-06-15 21:41:08.000000000 +0200
++++ pmount/src/policy.c 2010-06-15 21:42:22.546025474 +0200
+@@ -559,9 +559,13 @@
+ void make_lockdir_name( const char* device, char* name, size_t name_size )
+ {
+ char* devname;
++ /* Strip an initial whitespace in device, will look better */
++ if(*device == '/')
++ device++;
+ 
+ devname = strreplace( device, '/', '_' );
+- snprintf( name, name_size, "%s%s", LOCKDIR, devname );
++ /* Make the lockdir a subdirectory of LOCKDIR ! */
++ snprintf( name, name_size, "%s/%s", LOCKDIR, devname );
+ free( devname );
+ }
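Review bot: The rewritten `snprintf` call in make_lockdir_name still discards its return value, so a device path too long for `name_size` yields a silently truncated lock directory name, and two long device paths could then resolve to the same lock directory. Since the function returns void, it should at least capture the result and refuse to continue when `n < 0 || (size_t)n >= name_size`. The added comment `/* Strip an initial whitespace in device, will look better */` does not match the code, which skips a leading `/`; something like `/* Skip the leading '/' so the lock name does not begin with '_' */` would be accurate. The fix also relies on LOCKDIR, set through `--with-lock-dir=/var/lib/pmount-locks` in debian/rules, being created root-owned and not world-writable; nothing in this diff shows where that directory is created or with which mode, so that is worth confirming in the packaging.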