diff -Nru phpmyadmin-2.11.3/debian/changelog phpmyadmin-2.11.3/debian/changelog
--- phpmyadmin-2.11.3/debian/changelog 2009-06-26 14:29:44.000000000 +0100
+++ phpmyadmin-2.11.3/debian/changelog 2009-06-26 14:29:45.000000000 +0100
@@ -1,3 +1,16 @@
+phpmyadmin (4:2.11.3-1ubuntu1.2) hardy-security; urgency=low
+
+ * SECURITY UPDATE: Insufficient output sanitizing when generating
+ configuration file (LP: #387215).
+ - debian/patches/053_CVE-2009-1151.dpatch: Added. Do not output unescaped
+ chars to generated configuration file. Patch from upstream SVN revision
+ 12301.
+ - References:
+ + CVE-2009-1151
+ + PMASA-2009-3
+
+ -- Jonathan Davies Thu, 25 Jun 2009 16:01:38 +0100
+
 phpmyadmin (4:2.11.3-1ubuntu1.1) hardy-security; urgency=low
 
 * SECURITY UPDATE: sensitive data in session files, reading of arbitrary
diff -Nru phpmyadmin-2.11.3/debian/patches/00list phpmyadmin-2.11.3/debian/patches/00list
--- phpmyadmin-2.11.3/debian/patches/00list 2009-06-26 14:29:44.000000000 +0100
+++ phpmyadmin-2.11.3/debian/patches/00list 2009-06-26 14:29:45.000000000 +0100
@@ -4,3 +4,4 @@
 050_CVE-2008-1149.dpatch
 051_CVE-2008-1567
 052_CVE-2008-1924
+053_CVE-2009-1151.dpatch
diff -Nru phpmyadmin-2.11.3/debian/patches/053_CVE-2009-1151.dpatch phpmyadmin-2.11.3/debian/patches/053_CVE-2009-1151.dpatch
--- phpmyadmin-2.11.3/debian/patches/053_CVE-2009-1151.dpatch 1970-01-01 01:00:00.000000000 +0100
+++ phpmyadmin-2.11.3/debian/patches/053_CVE-2009-1151.dpatch 2009-06-26 14:29:45.000000000 +0100
@@ -0,0 +1,25 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 053_CVE-2009-1151.dpatch by Jonathan Davies
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: PMASA-2009-3
+
+@DPATCH@
+--- ./scripts/setup.php 2009-06-25 16:07:38.000000000 +0100
++++ ./scripts/setup.php 2009-06-25 16:08:57.000000000 +0100
+@@ -573,6 +573,7 @@ function get_cfg_string($cfg) {
+ foreach ($c['Servers'] as $cnt => $srv) {
+ $ret .= $crlf . '/* Server ' . strtr(get_server_name($srv, $cnt, false), '*', '-') . " */$crlf\$i++;" . $crlf;
+ foreach ($srv as $key => $val) {
++ $key = preg_replace('/[^A-Za-z0-9_]/', '_', $key);
+ $ret .= get_cfg_val("\$cfg['Servers'][\$i]['$key']", $val);
+ }
+ }
+@@ -581,6 +582,7 @@ function get_cfg_string($cfg) {
+ unset($c['Servers']);
+ 
+ foreach ($c as $key => $val) {
++ $key = preg_replace('/[^A-Za-z0-9_]/', '_', $key);
+ $ret .= get_cfg_val("\$cfg['$key']", $val);
+ }
+ 
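Review bot: The two added `preg_replace` lines neutralise only the array key; the value on the very next line of each inner hunk is still handed to `get_cfg_val()` unchanged, and that helper is outside this patch, so the fix closes the injection only if `get_cfg_val()` itself escapes quotes, backslashes and line breaks before the value is written into the generated PHP. Nothing in the hunk says why the rewrite is there, so I would add a comment above each added line, e.g. `// keys originate from the setup form: restrict to [A-Za-z0-9_] so they cannot close the quoted index and inject PHP into config.inc.php`. Rewriting instead of rejecting also means two form keys that differ only in a non-alphanumeric character collapse to the same `$cfg` index and the later one silently wins; if setup.php has a list of the known `$cfg` option names, checking `$key` against it and skipping unknown keys would be the tighter fix. `get_cfg_string()` starts before and ends after both inner hunks, and the servers' comment line only substitutes `*`, which appears sufficient for a `/* */` block but is worth keeping in mind if that format ever changes.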