diff -u ssmtp-2.62/debian/patches/series ssmtp-2.62/debian/patches/series
--- ssmtp-2.62/debian/patches/series
+++ ssmtp-2.62/debian/patches/series
@@ -2,0 +3,2 @@
+02-CVE-2008-3962
+03_fix_buffer_overflow
diff -u ssmtp-2.62/debian/changelog ssmtp-2.62/debian/changelog
--- ssmtp-2.62/debian/changelog
+++ ssmtp-2.62/debian/changelog
@@ -1,3 +1,17 @@
+ssmtp (2.62-1ubuntu2) intrepid; urgency=low
+
+ * SECURITY UPDATE: allow remote attackers to obtain sensitive
+ information (LP: #278978)
+ - debian/patches/02-CVE-2008-3962:
+ adjust in ssmtp.c to fix unitialized memory disclosure.
+ Taken from Debian BTS
+ * SECURITY UPDATE: Buffer overflow (LP: #282424)
+ - debian/patches/03_fix_buffer_overflow
+ adjust ssmtp.c to fix a buffer overflow with using 2 bytes in length
+ instead of one in buffer.
+
+ -- Stefan Ebner Tue, 07 Oct 2008 16:22:39 +0200
+
 ssmtp (2.62-1ubuntu1) intrepid; urgency=low
 
 * Merge from Debian unstable. (LP: #231370) Remaining Ubuntu changes:
only in patch2:
unchanged:
--- ssmtp-2.62.orig/debian/patches/03_fix_buffer_overflow
+++ ssmtp-2.62/debian/patches/03_fix_buffer_overflow
@@ -0,0 +1,22 @@
+Index: ssmtp.c
+===================================================================
+--- ssmtp-2.62.orig/ssmtp.c 2008-10-15 20:13:52.000000000 +0200
++++ ssmtp-2.62/ssmtp.c 2008-10-15 20:15:13.000000000 +0200
+@@ -1364,7 +1364,7 @@
+ ssize_t outbytes = 0;
+
+ va_start(ap, format);
+- if(vsnprintf(buf, (BUF_SZ - 2), format, ap) == -1) {
++ if(vsnprintf(buf, BUF_SZ, format, ap) == -1) {
+ die("smtp_write() -- vsnprintf() failed");
+ }
+ va_end(ap);
+@@ -1631,7 +1631,7 @@
+
+ /* don't hang forever when reading from stdin */
+ while(!feof(stdin) && timeout < MEDWAIT) {
+- if (!fgets(buf, sizeof(buf), stdin)) {
++ if (!fgets(buf, sizeof(buf)-2, stdin)) {
+ /* if nothing was received, then no transmission
+ * over smtp should be done */
+ sleep(1);
only in patch2:
unchanged:
--- ssmtp-2.62.orig/debian/patches/02-CVE-2008-3962
+++ ssmtp-2.62/debian/patches/02-CVE-2008-3962
@@ -0,0 +1,16 @@
+Index: ssmtp-2.62/ssmtp.c
+===================================================================
+--- ssmtp-2.62.orig/ssmtp.c 2008-10-02 14:15:39.000000000 +0200
++++ ssmtp-2.62/ssmtp.c 2008-10-02 14:15:41.000000000 +0200
+@@ -485,6 +485,11 @@
+ die("from_format() -- snprintf() failed");
+ }
+ }
++ else {
++ if(snprintf(buf, BUF_SZ, "%s", str) == -1) {
++ die("from_format() -- snprintf() failed");
++ }
++ }
+ }
+
+ #if 0
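Review bot: In 03_fix_buffer_overflow, raising the vsnprintf() bound from `(BUF_SZ - 2)` to `BUF_SZ` (apparently in smtp_write(), going by the die() message) removes the two bytes of headroom the old code kept, and the hunk shows neither the declaration of `buf` nor what happens to it after `va_end(ap)`. If anything is appended to `buf` before it is sent, which is not visible here and needs confirming against the full function, the formatted text plus that suffix plus the NUL must still fit; deriving the bound from the buffer, e.g. `vsnprintf(buf, sizeof(buf) - 2, format, ap)` when `buf` is a local array, keeps the reservation explicit. The `== -1` test also misses truncation, because C99 vsnprintf() returns the length that would have been written; comparing the result against the bound would turn an over-long line into a hard error instead of a silently shortened one, and the same holds for the snprintf() added in 02-CVE-2008-3962. For the second hunk, a comment on `sizeof(buf)-2` saying what the two reserved bytes are for would let a reader check that later processing cannot grow the line by more than that.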
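Review bot: The `else` branch added by 02-CVE-2008-3962 carries the whole fix but has no comment saying so, and the `if` it pairs with starts outside the hunk, so a later cleanup could remove it as a redundant copy. A comment above it such as `/* fallback: always fill buf so it is never left uninitialised (CVE-2008-3962) */` would record the intent. It is also worth confirming against the full function (from_format(), judging by the die() message) that `buf` really is at least `BUF_SZ` bytes, since the size is passed as a constant rather than taken from the buffer itself.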