diff -u hugin-0.7~beta4/debian/changelog hugin-0.7~beta4/debian/changelog
--- hugin-0.7~beta4/debian/changelog
+++ hugin-0.7~beta4/debian/changelog
@@ -1,3 +1,18 @@
+hugin (0.7~beta4-0ubuntu3.1) gutsy-security; urgency=low
+
+ * SECURITY UPDATE: hugin allows allows local users to overwrite
+ arbitrary files via a symlink attack on a temporary file.
+ * src/Panorama/PTOptimise.cpp, src/hugin/AutoCtrlPointCreator.cpp:
+ Patched these files according to upstream to fix this issue.
+ (See: https://bugzilla.redhat.com/attachment.cgi?id=236541)
+ * References:
+ CVE-2007-5200
+ https://bugzilla.redhat.com/attachment.cgi?id=236541
+ https://bugzilla.redhat.com/show_bug.cgi?id=332401
+ http://www.novell.com/linux/security/advisories/2007_20_sr.html
+
+ -- Stephan Hermann Wed, 14 Nov 2007 11:01:48 +0100
+
 hugin (0.7~beta4-0ubuntu3) gutsy; urgency=low
 * Add depends on enblend and autopano-sift (#138567)
only in patch2:
unchanged:
--- hugin-0.7~beta4.orig/src/Panorama/PTOptimise.cpp
+++ hugin-0.7~beta4/src/Panorama/PTOptimise.cpp
@@ -36,9 +36,6 @@
 #include
 #include
-#define DEBUG_WRITE_OPTIM_OUTPUT
-#define DEBUG_WRITE_OPTIM_OUTPUT_FILE "hugin_debug_optim_results.txt"
-
 using namespace std;
 using namespace PT;
 using namespace PTools;
only in patch2:
unchanged:
--- hugin-0.7~beta4.orig/src/hugin/AutoCtrlPointCreator.cpp
+++ hugin-0.7~beta4/src/hugin/AutoCtrlPointCreator.cpp
@@ -219,7 +219,7 @@
 }
 #endif
- wxString ptofile(wxT("autopano_result_tempfile.pto"));
+ wxString ptofile = wxFileName::CreateTempFileName(wxT("ap_res"));
 autopanoArgs.Replace(wxT("%o"), ptofile);
 wxString tmp;
 tmp.Printf(wxT("%d"), nFeatures);
@@ -373,7 +373,7 @@
 imgNr++;
 }
- wxString ptofile(wxT("autopano_result_tempfile"));
+ wxString ptofile = wxFileName::CreateTempFileName(wxT("ap_res"));
 autopanoArgs.Replace(wxT("%o"), ptofile);
 wxString tmp;
 tmp.Printf(wxT("%d"), nFeatures);
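Review bot: The return value of `wxFileName::CreateTempFileName(wxT("ap_res"))` is used unchecked in both AutoCtrlPointCreator.cpp hunks (@@ -219 and @@ -373); the call returns an empty string when no file could be created, and `%o` would then be replaced with nothing in the autopano command line. A guard `if (ptofile.IsEmpty())` directly after the assignment, reporting the failure and leaving through the function's existing error path, would cover both places. Because the file now exists on disk from this line on, any early exit before the result is read should also call `wxRemoveFile(ptofile)`; whether that already happens cannot be seen, since both functions start and end outside the hunks. The old name in the second hunk had no extension, so the external tool may derive its real output name from `%o`; if it does, the file it writes is presumably not the one created atomically here, which is worth confirming against the code that reads the result.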