Index: debian/patches/74_salted_passwords.dpatch
===================================================================
--- debian/patches/74_salted_passwords.dpatch (revision 1065)
+++ debian/patches/74_salted_passwords.dpatch (working copy)
@@ -70,7 +70,7 @@
 + my $hash = MIME::Base64::decode_base64($stored);
 + # The first 4 bytes are the salt, the rest is substr(SHA256,0,26)
 + my $salt = substr($hash, 0, 4, "");
-+ return substr(sha256($salt . Digest::MD5::md5($value)), 0, 26) eq $hash;
++ return substr(Digest::SHA::sha256($salt . Digest::MD5::md5($value)), 0, 26) eq $hash;
 + } elsif (length $stored == 32) {
 + # Hex nonsalted-md5
 + return 0 unless Digest::MD5::md5_hex(Encode::encode_utf8($value)) eq $stored;
Index: debian/changelog
===================================================================
--- debian/changelog (revision 1065)
+++ debian/changelog (working copy)
@@ -1,3 +1,10 @@
+request-tracker3.8 (3.8.7-1ubuntu2.2) lucid-security; urgency=low
+
+ * Fix error in previous patch application which broke logins.
+ Thanks to Best Practical for the testing and fix.
+
+ -- Dominic Hargreaves Thu, 24 Nov 2011 14:37:00 +0000
+
 request-tracker3.8 (3.8.7-1ubuntu2.1) lucid-security; urgency=low
 
 * SECURITY UPDATE: support salted passwords in database and upgrade
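Review bot: In the 40-character (salted) branch of 74_salted_passwords.dpatch, the fully qualified `Digest::SHA::sha256(...)` call only resolves if `Digest::SHA` has been loaded by the time this code runs, and no `use` or `require` for it is visible in this hunk. If the dpatch does not already add one, the call would still die with an undefined-subroutine error and logins would stay broken, so it is worth confirming the patched module carries `use Digest::SHA;` near its top. A login test that checks a password against a stored salted hash would catch a regression like the previous one before upload. Separately, this branch passes `$value` to `Digest::MD5::md5` as is, while the 32-character branch runs it through `Encode::encode_utf8` first; unless `$value` is already encoded earlier in the sub, a non-ASCII password would be treated differently on the two paths. The enclosing sub starts and ends outside the hunk.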