diff -u python-pam-0.4.2/debian/changelog python-pam-0.4.2/debian/changelog
--- python-pam-0.4.2/debian/changelog
+++ python-pam-0.4.2/debian/changelog
@@ -1,3 +1,12 @@
+python-pam (0.4.2-12.2ubuntu4) precise; urgency=low
+
+ * SECURITY UPDATE: possible code execution via double-free (LP: #949218)
+ - PAMmodule.c: prevent double free in PyPAM_conv().
+ - Thanks to Markus Vervier for the notification and the patch.
+ - CVE-2012-1502
+
+ -- Marc Deslauriers Thu, 08 Mar 2012 08:06:43 -0500
+
 python-pam (0.4.2-12.2ubuntu3) precise; urgency=low
 * Rebuild to drop python2.6 dependencies.
diff -u python-pam-0.4.2/debian/control python-pam-0.4.2/debian/control
--- python-pam-0.4.2/debian/control
+++ python-pam-0.4.2/debian/control
@@ -2,7 +2,7 @@
 Section: python
 Priority: optional
 Build-Depends: debhelper (>= 5.0.37.2), python-all-dev (>= 2.3.5-11), python-all-dbg, libpam0g-dev
-Maintainer: Ubuntu Core developers
+Maintainer: Ubuntu Developers
 XSBC-Original-Maintainer: Dima Barsky
 Standards-Version: 3.7.2
only in patch2:
unchanged:
--- python-pam-0.4.2.orig/PAMmodule.c
+++ python-pam-0.4.2/PAMmodule.c
@@ -80,6 +80,7 @@
 resp_retcode = 0;
 if (!PyArg_ParseTuple(respTuple, "si", &resp_text, &resp_retcode)) {
 free(*resp);
+ *resp = NULL;
 Py_DECREF(respList);
 return PAM_CONV_ERR;
 }
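Review bot: The added `*resp = NULL;` after `free(*resp)` in the PAMmodule.c hunk has no comment saying why it is needed, so a later cleanup could drop it as redundant; the changelog entry attributes CVE-2012-1502 to a double free in PyPAM_conv(), so presumably whatever invoked the conversation callback frees `*resp` again when it receives `PAM_CONV_ERR`. I would add `/* caller may free *resp on PAM_CONV_ERR; never hand back a freed pointer (CVE-2012-1502) */` above the assignment. The function starts and ends outside the hunk, so it is not visible whether this error path sits inside a loop that has already copied earlier response strings into the array; if it does, those copies should be released (and, since they can hold passwords, cleared) before `free(*resp)`, and any other early return after the allocation needs the same reset.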