diff -u wordpress-2.1.3/debian/changelog wordpress-2.1.3/debian/changelog
--- wordpress-2.1.3/debian/changelog
+++ wordpress-2.1.3/debian/changelog
@@ -1,3 +1,13 @@
+wordpress (2.1.3-1ubuntu1.1) feisty-security; urgency=low
+
+  * SECURITY UPDATE: 
+    - SQL injection vulnerability in wp-includes/query.php
+  * References
+    - http://trac.wordpress.org/ticket/5487
+    - CVE-2007-6318 (LP: #181416)
+
+ -- Emanuele Gentili <emgent@emanuele-gentili.com>  Tue, 22 Jan 2008 19:48:59 +0100
+
 wordpress (2.1.3-1ubuntu1) feisty; urgency=low
 
   * Merge from Debian unstable. Remaining changes:
only in patch2:
unchanged:
--- wordpress-2.1.3.orig/wp-admin/admin.php
+++ wordpress-2.1.3/wp-admin/admin.php
@@ -1,4 +1,5 @@
 <?php
+define('WP_ADMIN',TRUE);
 if ( defined('ABSPATH') )
 	require_once( ABSPATH . 'wp-config.php');
 else
only in patch2:
unchanged:
--- wordpress-2.1.3.orig/wp-includes/query.php
+++ wordpress-2.1.3/wp-includes/query.php
@@ -21,9 +21,9 @@
  */
 
 function is_admin () {
-	global $wp_query;
-
-	return ( $wp_query->is_admin || strstr($_SERVER['REQUEST_URI'], 'wp-admin/') );
+	if ( defined('WP_ADMIN') )
+		return WP_ADMIN;
+	return false;
 }
 
 function is_archive () {