diff -Nru a2ps-4.14/debian/changelog a2ps-4.14/debian/changelog
--- a2ps-4.14/debian/changelog	2014-03-27 14:08:23.000000000 +0000
+++ a2ps-4.14/debian/changelog	2014-03-30 07:09:47.000000000 +0000
@@ -1,3 +1,14 @@
+a2ps (1:4.14-1.3) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Add CVE-2014-0466.diff patch.
+    CVE-2014-0466: fixps does not invoke gs with -dSAFER. A malicious
+    PostScript file could delete files with the privileges of the invoking
+    user.
+    Thanks to brian m. carlson <sandals@crustytoothpaste.net> (Closes: #742902)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Sun, 30 Mar 2014 09:09:07 +0200
+
 a2ps (1:4.14-1.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru a2ps-4.14/debian/patches/CVE-2014-0466.diff a2ps-4.14/debian/patches/CVE-2014-0466.diff
--- a2ps-4.14/debian/patches/CVE-2014-0466.diff	1970-01-01 00:00:00.000000000 +0000
+++ a2ps-4.14/debian/patches/CVE-2014-0466.diff	2014-03-30 07:09:47.000000000 +0000
@@ -0,0 +1,30 @@
+Description: CVE-2014-0466: fixps does not invoke gs with -dSAFER
+ A malicious PostScript file could delete files with the privileges of
+ the invoking user.
+Origin: vendor
+Bug-Debian: http://bugs.debian.org/742902
+Author: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2014-03-28
+
+--- a/contrib/fixps.in
++++ b/contrib/fixps.in
+@@ -389,7 +389,7 @@
+   	eval "$command" ;;
+       gs)
+         $verbose "$program: making a full rewrite of the file ($gs)." >&2
+-  	$gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
++  	$gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
+     esac
+   )
+ fi
+--- a/contrib/fixps.m4
++++ b/contrib/fixps.m4
+@@ -307,7 +307,7 @@
+   	eval "$command" ;;
+       gs)
+         $verbose "$program: making a full rewrite of the file ($gs)." >&2
+-  	$gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
++  	$gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
+     esac
+   )
+ fi
diff -Nru a2ps-4.14/debian/patches/series a2ps-4.14/debian/patches/series
--- a2ps-4.14/debian/patches/series	2014-03-27 14:05:03.000000000 +0000
+++ a2ps-4.14/debian/patches/series	2014-03-30 07:09:47.000000000 +0000
@@ -10,3 +10,4 @@
 fix-bad-free.diff
 fix-format-security.diff
 fix-texi-build.diff
+CVE-2014-0466.diff