diff -Nru postgis-2.1.2+dfsg/debian/changelog postgis-2.1.2+dfsg/debian/changelog
--- postgis-2.1.2+dfsg/debian/changelog 2014-04-07 15:38:58.000000000 +0100
+++ postgis-2.1.2+dfsg/debian/changelog 2015-04-01 21:25:29.000000000 +0100
@@ -1,3 +1,12 @@
+postgis (2.1.2+dfsg-2ubuntu0.1) trusty; urgency=high
+
+ [ Markus Wanner ]
+ * Add patch geojson-fix-3094.patch, back-ported from the 2.1.7 release,
+ to fix a crash of the database backend process when given invalid
+ GeoJSON data. Based on debian patch by Markus Wanner.
+
+ -- Johan Van de Wauw Wed, 01 Apr 2015 21:29:10 +0200
+
 postgis (2.1.2+dfsg-2) unstable; urgency=medium
 
 * Fix arch-only builds by moving the maven-repo-helper dependency from
diff -Nru postgis-2.1.2+dfsg/debian/patches/geojson-fix-3094.patch postgis-2.1.2+dfsg/debian/patches/geojson-fix-3094.patch
--- postgis-2.1.2+dfsg/debian/patches/geojson-fix-3094.patch 1970-01-01 01:00:00.000000000 +0100
+++ postgis-2.1.2+dfsg/debian/patches/geojson-fix-3094.patch 2015-04-01 21:25:29.000000000 +0100
@@ -0,0 +1,77 @@
+Description: Fix for GeoJSON ingestion
+ Malformed JSON data used to crash the database backend process and
+ especially web services use to pass on such JSON data unexamined.
+Forwarded: not-needed
+Bug: http://trac.osgeo.org/postgis/ticket/3094
+Origin: upstream, http://trac.osgeo.org/postgis/changeset/13400
+Author: Paul Ramsey
+
+--- a/liblwgeom/lwin_geojson.c
++++ b/liblwgeom/lwin_geojson.c
+@@ -47,7 +47,11 @@ findMemberByName(json_object* poObj, con
+
+ if( NULL != json_object_get_object(poTmp) )
+ {
+- assert( NULL != json_object_get_object(poTmp)->head );
++ if( NULL == json_object_get_object(poTmp)->head )
++ {
++ geojson_lwerror("invalid GeoJSON representation", 2);
++ return NULL;
++ }
+
+ for( it.entry = json_object_get_object(poTmp)->head;
+ ( it.entry ?
+@@ -79,7 +83,12 @@ parse_geojson_coord(json_object *poObj,
+ const int nSize = json_object_array_length( poObj );
+ LWDEBUGF(3, "parse_geojson_coord called for array size %d.", nSize );
+
+-
++ if ( nSize < 2 )
++ {
++ geojson_lwerror("Too few ordinates in GeoJSON", 4);
++ return LW_FAILURE;
++ }
++
+ // Read X coordinate
+ poObjCoord = json_object_array_get_idx( poObj, 0 );
+ pt.x = json_object_get_double( poObjCoord );
+@@ -90,7 +99,7 @@ parse_geojson_coord(json_object *poObj,
+ pt.y = json_object_get_double( poObjCoord );
+ LWDEBUGF(3, "parse_geojson_coord pt.y = %f.", pt.y );
+
+- if( nSize == 3 ) /* should this be >= 3 ? */
++ if( nSize < 2 ) /* should this be >= 3 ? */
+ {
+ // Read Z coordinate
+ poObjCoord = json_object_array_get_idx( poObj, 2 );
+@@ -98,19 +107,27 @@ parse_geojson_coord(json_object *poObj,
+ LWDEBUGF(3, "parse_geojson_coord pt.z = %f.", pt.z );
+ *hasz = LW_TRUE;
+ }
+- else
++ else if ( nSize == 2 )
+ {
+ *hasz = LW_FALSE;
+ /* Initialize Z coordinate, if required */
+ if ( FLAGS_GET_Z(pa->flags) ) pt.z = 0.0;
+ }
+-
+- /* TODO: should we account for nSize > 3 ? */
++ else
++ {
++ /* TODO: should we account for nSize > 3 ? */
++ /* more than 3 coordinates, we're just dropping dimensions here... */
++ }
+
+ /* Initialize M coordinate, if required */
+ if ( FLAGS_GET_M(pa->flags) ) pt.m = 0.0;
+
+ }
++ else
++ {
++ /* If it's not an array, just don't handle it */
++ return LW_FAILURE;
++ }
+
+ return ptarray_append_point(pa, &pt, LW_FALSE);
+ }
diff -Nru postgis-2.1.2+dfsg/debian/patches/series postgis-2.1.2+dfsg/debian/patches/series
--- postgis-2.1.2+dfsg/debian/patches/series 2014-04-05 20:33:47.000000000 +0100
+++ postgis-2.1.2+dfsg/debian/patches/series 2015-04-01 21:25:29.000000000 +0100
@@ -7,3 +7,4 @@
 fix-armel
 fix-manpage
 de-translation
+geojson-fix-3094.patch
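Review bot: In the third inner hunk of geojson-fix-3094.patch (parse_geojson_coord, `@@ -90,7 +99,7 @@`), the new condition `if( nSize < 2 )` can never be true, because the guard added in the previous hunk already returns LW_FAILURE for nSize < 2. A three-ordinate array therefore falls into the final `else`, where the visible lines neither read index 2 nor set `*hasz` nor assign `pt.z` before `ptarray_append_point`; whether `pt` and `*hasz` are initialised earlier is not visible here. The trailing comment and the "more than 3 coordinates" branch suggest the intended test was `if( nSize > 2 ) /* Z present; extra ordinates are dropped */`, which would also leave the final `else` unreachable. parse_geojson_coord begins outside these hunks, so this should be confirmed against the full function, and a regression test with a 3D point would sit well next to the malformed-input case.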