diff -u php5-5.3.2/debian/changelog php5-5.3.2/debian/changelog
--- php5-5.3.2/debian/changelog
+++ php5-5.3.2/debian/changelog
@@ -1,3 +1,12 @@
+php5 (5.3.2-1ubuntu4.10) lucid-security; urgency=low
+
+  * SECURITY UPDATE: File path injection vulnerability in RFC1867 File
+    upload filename (LP: #813115)
+    - debian/patches/php5-CVE-2011-2202.patch:
+    - CVE-2011-2202
+
+ -- Angel Abad <angelabad@ubuntu.com>  Sun, 18 Sep 2011 22:17:07 +0200
+
 php5 (5.3.2-1ubuntu4.9) lucid-security; urgency=low
 
   * debian/patches/php5-pear-CVE-2011-1144-regression.patch: fix
diff -u php5-5.3.2/debian/patches/series php5-5.3.2/debian/patches/series
--- php5-5.3.2/debian/patches/series
+++ php5-5.3.2/debian/patches/series
@@ -87,0 +88 @@
+php5-CVE-2011-2202.patch
only in patch2:
unchanged:
--- php5-5.3.2.orig/debian/patches/php5-CVE-2011-2202.patch
+++ php5-5.3.2/debian/patches/php5-CVE-2011-2202.patch
@@ -0,0 +1,31 @@
+Description: Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename)
+Reviewed-By: Angel Abad <angelabad@ubuntu.com>
+Origin: upstream, http://svn.php.net/viewvc?view=revision&revision=312103
+Bug-Ubuntu: https://launchpad.net/bugs/813115
+
+CVE-2011-2202
+
+Patch differs from upstream commit in that it drops the added NEWS file
+entry to reduce patch conflicts, and adjusted for earlier versions of
+php.
+
+--- a/main/rfc1867.c
++++ b/main/rfc1867.c
+@@ -1214,7 +1214,7 @@
+ #endif
+ 
+ 			if (!is_anonymous) {
+-				if (s && s > filename) {
++				if (s && s >= filename) {
+ 					safe_php_register_variable(lbuf, s+1, strlen(s+1), NULL, 0 TSRMLS_CC);
+ 				} else {
+ 					safe_php_register_variable(lbuf, filename, strlen(filename), NULL, 0 TSRMLS_CC);
+@@ -1227,7 +1227,7 @@
+ 			} else {
+ 				snprintf(lbuf, llen, "%s[name]", param);
+ 			}
+-			if (s && s > filename) {
++			if (s && s >= filename) {
+ 				register_http_post_files_variable(lbuf, s+1, http_post_files, 0 TSRMLS_CC);
+ 			} else {
+ 				register_http_post_files_variable(lbuf, filename, http_post_files, 0 TSRMLS_CC);