diff -Nru znc-1.0/debian/changelog znc-1.0/debian/changelog
--- znc-1.0/debian/changelog 2013-04-11 15:53:22.000000000 -0400
+++ znc-1.0/debian/changelog 2014-01-13 12:24:01.000000000 -0500
@@ -1,3 +1,12 @@
+znc (1.0-2ubuntu1.1) raring-security; urgency=low
+
+ * SECURITY UPDATE: null pointer dereference in webadmin (LP: #1268658)
+ - debian/patches/CVE-2013-2130.diff: Patch from Debian based on upstream to
+ fix null pointer dereferences.
+ - CVE-2013-2130
+
+ -- Thomas Ward Mon, 13 Jan 2014 12:20:57 -0500
+
 znc (1.0-2ubuntu1) raring; urgency=low
 
 * Modified build infrastructure to be multiarch-Tcl-aware, fixing
diff -Nru znc-1.0/debian/patches/CVE-2013-2130.diff znc-1.0/debian/patches/CVE-2013-2130.diff
--- znc-1.0/debian/patches/CVE-2013-2130.diff 1969-12-31 19:00:00.000000000 -0500
+++ znc-1.0/debian/patches/CVE-2013-2130.diff 2014-01-13 12:20:37.000000000 -0500
@@ -0,0 +1,34 @@
+Description: Upstream patch to fix a null pointer dereference in the webadmin
+Origin: upstream https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720632
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1268658
+diff -Naur znc-1.0.orig/modules/webadmin.cpp znc-1.0/modules/webadmin.cpp
+--- znc-1.0.orig/modules/webadmin.cpp 2012-11-06 17:02:20.000000000 +0100
++++ znc-1.0/modules/webadmin.cpp 2013-08-26 10:09:58.397339768 +0200
+@@ -433,7 +433,7 @@
+ CIRCNetwork* pNetwork = SafeGetNetworkFromParam(WebSock);
+
+ // Admin||Self Check
+- if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pNetwork->GetUser())) {
++ if (!spSession->IsAdmin() && (!spSession->GetUser() || !pNetwork || spSession->GetUser() != pNetwork->GetUser())) {
+ return false;
+ }
+
+@@ -457,7 +457,7 @@
+ CIRCNetwork* pNetwork = SafeGetNetworkFromParam(WebSock);
+
+ // Admin||Self Check
+- if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pNetwork->GetUser())) {
++ if (!spSession->IsAdmin() && (!spSession->GetUser() || !pNetwork || spSession->GetUser() != pNetwork->GetUser())) {
+ return false;
+ }
+
+@@ -471,7 +471,7 @@
+ CIRCNetwork* pNetwork = SafeGetNetworkFromParam(WebSock);
+
+ // Admin||Self Check
+- if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pNetwork->GetUser())) {
++ if (!spSession->IsAdmin() && (!spSession->GetUser() || !pNetwork || spSession->GetUser() != pNetwork->GetUser())) {
+ return false;
+ }
+
diff -Nru znc-1.0/debian/patches/series znc-1.0/debian/patches/series
--- znc-1.0/debian/patches/series 2012-12-12 05:07:38.000000000 -0500
+++ znc-1.0/debian/patches/series 2014-01-13 12:17:55.000000000 -0500
@@ -1 +1,2 @@
 01-spelling-error.diff
+CVE-2013-2130.diff
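Review bot: The added `!pNetwork` test in the embedded webadmin.cpp patch (inner hunks at 433, 457 and 471) is nested inside the `!spSession->IsAdmin() && (...)` clause, so it only short-circuits the non-admin path; for an admin session the whole condition is false and execution continues with `pNetwork` possibly still null. The statements after each `return false; }` lie outside these hunks, so it should be confirmed that every one of the three handlers has its own `if (!pNetwork)` check before the pointer is used. A comment above the check such as `// pNetwork may still be null for admins; must be tested before use below` would document that dependency. Since the same three-clause condition is now repeated verbatim in three places, a small helper taking the session and `pNetwork` would keep future fixes from missing a copy.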