diff -u hugin-0.6.1/debian/changelog hugin-0.6.1/debian/changelog
--- hugin-0.6.1/debian/changelog
+++ hugin-0.6.1/debian/changelog
@@ -1,3 +1,18 @@
+hugin (0.6.1-0ubuntu1.1) edgy-security; urgency=low
+
+ * SECURITY UPDATE: hugin allows allows local users to overwrite
+ arbitrary files via a symlink attack on a temporary file.
+ * src/Panorama/PTOptimise.cpp, src/hugin/AutoCtrlPointCreator.cpp:
+ Patched these files according to upstream to fix this issue.
+ (See: https://bugzilla.redhat.com/attachment.cgi?id=236541)
+ * References:
+ CVE-2007-5200
+ https://bugzilla.redhat.com/attachment.cgi?id=236541
+ https://bugzilla.redhat.com/show_bug.cgi?id=332401
+ http://www.novell.com/linux/security/advisories/2007_20_sr.html
+
+ -- Stephan Hermann Wed, 14 Nov 2007 10:45:55 +0100
+
 hugin (0.6.1-0ubuntu1) edgy; urgency=low

 * New upstream release
only in patch2:
unchanged:
--- hugin-0.6.1.orig/src/Panorama/PTOptimise.cpp
+++ hugin-0.6.1/src/Panorama/PTOptimise.cpp
@@ -36,9 +36,6 @@
 #include
 #include
-#define DEBUG_WRITE_OPTIM_OUTPUT
-#define DEBUG_WRITE_OPTIM_OUTPUT_FILE "hugin_debug_optim_results.txt"
-
 using namespace std;
 using namespace PT;
 using namespace PTools;
@@ -132,13 +129,6 @@
 RunLMOptimizer( &opt );
 ainf.data = opt.message;
 // get results from align info.
-#ifdef DEBUG_WRITE_OPTIM_OUTPUT
- fullPath path;
- StringtoFullPath(&path, DEBUG_WRITE_OPTIM_OUTPUT_FILE );
-
- ainf.data = opt.message;
- WriteResults( script, &path, &ainf, distSquared, 0);
-#endif
 pano.updateVariables(GetAlignInfoVariables(ainf) );
 pano.updateCtrlPointErrors( GetAlignInfoCtrlPoints(ainf) );
 }
only in patch2:
unchanged:
--- hugin-0.6.1.orig/src/hugin/AutoCtrlPointCreator.cpp
+++ hugin-0.6.1/src/hugin/AutoCtrlPointCreator.cpp
@@ -225,7 +225,7 @@
 }
 #endif
- wxString ptofile(wxT("autopano_result_tempfile.pto"));
+ wxString ptofile = wxFileName::CreateTempFileName(wxT("ap_res"));
 autopanoArgs.Replace(wxT("%o"), ptofile);
 wxString tmp;
 tmp.Printf(wxT("%d"), nFeatures);
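Review bot: The result of `wxFileName::CreateTempFileName(wxT("ap_res"))` is used unchecked in both AutoCtrlPointCreator.cpp hunks (@@ -225 and @@ -415); the call returns an empty string when no temporary file could be created, and `%o` would then be replaced with nothing in the autopano arguments. A guard right after the assignment, such as `if (ptofile.IsEmpty()) { wxLogError(_("Could not create temporary file")); return; }`, would stop the run early; the enclosing functions start and end outside the hunks, so the exact error path is an assumption. The first hunk also drops the `.pto` suffix of the old name, so if the external matcher appends an extension itself it would write beside the pre-created file rather than into it, which is worth confirming against the tools this is run with. Nothing visible in the hunks removes the created file; if later code does not already do so, a `wxRemoveFile(ptofile);` once the result has been read would keep temporary files from accumulating.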
@@ -415,7 +415,7 @@
 imgNr++;
 }
- wxString ptofile(wxT("autopano_result_tempfile"));
+ wxString ptofile = wxFileName::CreateTempFileName(wxT("ap_res"));
 autopanoArgs.Replace(wxT("%o"), ptofile);
 wxString tmp;
 tmp.Printf(wxT("%d"), nFeatures);