diff -u tuxguitar-1.1/debian/changelog tuxguitar-1.1/debian/changelog
--- tuxguitar-1.1/debian/changelog
+++ tuxguitar-1.1/debian/changelog
@@ -1,3 +1,12 @@
+tuxguitar (1.1-1ubuntu4.1) lucid-security; urgency=low
+
+  * SECURITY UPDATE: insecure library loading (LP: #660923)
+    - misc/tuxguitar.sh: Use shell expansion when settingLD_LIBRARY_PATH.  
+      Based on patch in Debian version 1.2-7. Thanks to Etienne Millon.
+    - CVE-2010-3385
+
+ -- Micah Gersten <micahg@ubuntu.com>  Thu, 14 Oct 2010 23:09:45 -0500
+
 tuxguitar (1.1-1ubuntu4) lucid; urgency=low
 
   * misc/tuxguitar.sh: tuxguitar still looks for xulrunner-1.9.1 (LP: #544830)
diff -u tuxguitar-1.1/misc/tuxguitar.sh tuxguitar-1.1/misc/tuxguitar.sh
--- tuxguitar-1.1/misc/tuxguitar.sh
+++ tuxguitar-1.1/misc/tuxguitar.sh
@@ -112,7 +112,7 @@
     [ -z ${MOZILLA_FIVE_HOME} ] && t=$(mozilla_guess_) && [ -d "$t" ] && MOZILLA_FIVE_HOME=$t
     if [ -d "$MOZILLA_FIVE_HOME" ] ; then
         export MOZILLA_FIVE_HOME
-        export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$MOZILLA_FIVE_HOME
+        export LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$MOZILLA_FIVE_HOME"
     else
 	echo '$MOZILLA_FIVE_HOME not valid : check doc shipped w/ tuxguitar'
     fi