diff -u lightdm-1.1.7/debian/changelog lightdm-1.1.7/debian/changelog
--- lightdm-1.1.7/debian/changelog
+++ lightdm-1.1.7/debian/changelog
@@ -1,3 +1,11 @@
+lightdm (1.1.7-0ubuntu2) precise; urgency=low
+
+ * debian/guest-account: Fix arbitrary file deletion in removal of guest
+ files in /tmp. Use find/xargs with 0 separators instead of spaces.
+ (LP: #953044, CVE-2012-0943)
+
+ -- Martin Pitt Tue, 13 Mar 2012 14:53:10 +0100
+
 lightdm (1.1.7-0ubuntu1) precise; urgency=low
 
 * New upstream release.
diff -u lightdm-1.1.7/debian/guest-account lightdm-1.1.7/debian/guest-account
--- lightdm-1.1.7/debian/guest-account
+++ lightdm-1.1.7/debian/guest-account
@@ -121,7 +121,7 @@
 rm -rf "$HOME"
 
 # remove leftovers in /tmp
- find /tmp -mindepth 1 -maxdepth 1 -uid "$UID" | xargs rm -rf || true
+ find /tmp -mindepth 1 -maxdepth 1 -uid "$UID" -print0 | xargs -0 rm -rf || true
 
 deluser --system "$USER"
 }
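Review bot: The comment above the new `find` line in debian/guest-account still reads only `# remove leftovers in /tmp`, so nothing in the script records that the NUL-delimited list is a security requirement: entries in /tmp are named by the guest user, and the old whitespace-separated `xargs` input let such a name become extra `rm -rf` arguments (CVE-2012-0943 per the changelog). I would extend it to `# remove leftovers in /tmp; names are guest-controlled, keep the list NUL-delimited (CVE-2012-0943)` so a later cleanup does not drop `-print0`/`-0` again. An equivalent form that never serialises the names is `find /tmp -mindepth 1 -maxdepth 1 -uid "$UID" -exec rm -rf -- {} +`. Because `|| true` discards the pipeline's exit status, a failed cleanup stays silent; a log line on failure would help, assuming this runs with privilege at guest-session teardown. The enclosing function starts outside the hunk.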