diff -Nru binutils-h8300-hms-2.16.1/debian/changelog binutils-h8300-hms-2.16.1/debian/changelog
--- binutils-h8300-hms-2.16.1/debian/changelog	2013-09-24 04:19:36.000000000 +0000
+++ binutils-h8300-hms-2.16.1/debian/changelog	2014-06-28 21:53:50.000000000 +0000
@@ -1,9 +1,10 @@
-binutils-h8300-hms (2.16.1-9ubuntu1) saucy; urgency=low
+binutils-h8300-hms (2.16.1-10) unstable; urgency=low
 
-  * Merge from Debian unstable. Remaining changes:
-    - debian/rules: Build with -U_FORTIFY_SOURCE.
+  * Updated standards version to 3.9.5 (no changes)
+  * Merged remaining Ubuntu changes
+  * Add a safety check to guard against invalid files (Closes: #729274)
 
- -- Logan Rosen <logan@ubuntu.com>  Tue, 24 Sep 2013 00:19:00 -0400
+ -- Michael Tautschnig <mt@debian.org>  Sat, 28 Jun 2014 20:48:21 +0100
 
 binutils-h8300-hms (2.16.1-9) unstable; urgency=low
 
@@ -15,12 +16,6 @@
 
  -- Michael Tautschnig <mt@debian.org>  Sun, 23 Jun 2013 13:23:00 +0100
 
-binutils-h8300-hms (2.16.1-8ubuntu1) oneiric; urgency=low
-
-  * Build with -U_FORTIFY_SOURCE. LP: #755975.
-
- -- Matthias Klose <doko@ubuntu.com>  Mon, 29 Aug 2011 10:49:45 +0200
-
 binutils-h8300-hms (2.16.1-8) unstable; urgency=low
 
   * Fixed incompatible use of sprintf (thanks Kees Cook)
diff -Nru binutils-h8300-hms-2.16.1/debian/control binutils-h8300-hms-2.16.1/debian/control
--- binutils-h8300-hms-2.16.1/debian/control	2013-09-24 04:19:37.000000000 +0000
+++ binutils-h8300-hms-2.16.1/debian/control	2014-06-28 19:47:38.000000000 +0000
@@ -1,9 +1,8 @@
 Source: binutils-h8300-hms
 Section: devel
 Priority: standard
-Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
-XSBC-Original-Maintainer: Michael Tautschnig <mt@debian.org>
-Standards-Version: 3.9.4
+Maintainer: Michael Tautschnig <mt@debian.org>
+Standards-Version: 3.9.5
 Build-Depends: autoconf, bison, flex, gettext, texinfo, binutils, file, debhelper, autotools-dev
 
 Package: binutils-h8300-hms
diff -Nru binutils-h8300-hms-2.16.1/debian/patches/bts729274 binutils-h8300-hms-2.16.1/debian/patches/bts729274
--- binutils-h8300-hms-2.16.1/debian/patches/bts729274	1970-01-01 00:00:00.000000000 +0000
+++ binutils-h8300-hms-2.16.1/debian/patches/bts729274	2014-06-28 21:59:57.000000000 +0000
@@ -0,0 +1,33 @@
+Description: Abort on invalid header
+ .
+ binutils-h8300-hms (2.16.1-10) unstable; urgency=low
+ .
+   * Updated standards version to 3.9.5 (no changes)
+   * Merged remaining Ubuntu changes
+   * Add a safety check to guard against invalid files (Closes: #729274)
+Author: Michael Tautschnig <mt@debian.org>
+Bug-Debian: http://bugs.debian.org/729274
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: <vendor|upstream|other>, <url of original patch>
+Bug: <url in upstream bugtracker>
+Bug-Debian: http://bugs.debian.org/<bugnumber>
+Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
+Forwarded: <no|not-needed|url proving that it has been forwarded>
+Reviewed-By: <name and email of someone who approved the patch>
+Last-Update: <YYYY-MM-DD>
+
+--- binutils-h8300-hms-2.16.1.orig/bfd/tekhex.c
++++ binutils-h8300-hms-2.16.1/bfd/tekhex.c
+@@ -330,6 +330,7 @@ getsym (dstp, srcp)
+   char *src = *srcp;
+   unsigned int i;
+   unsigned int len = hex_value(*src++);
++  if(len>=16) abort();
+ 
+   if (len == 0)
+     len = 16;
diff -Nru binutils-h8300-hms-2.16.1/debian/patches/series binutils-h8300-hms-2.16.1/debian/patches/series
--- binutils-h8300-hms-2.16.1/debian/patches/series	2013-09-24 04:17:17.000000000 +0000
+++ binutils-h8300-hms-2.16.1/debian/patches/series	2014-06-28 21:59:12.000000000 +0000
@@ -10,3 +10,4 @@
 130_coff_arm
 131_sprintf
 132_texinfo_fixes
+bts729274