diff -u ejabberd-2.1.2/debian/changelog ejabberd-2.1.2/debian/changelog
--- ejabberd-2.1.2/debian/changelog
+++ ejabberd-2.1.2/debian/changelog
@@ -1,3 +1,11 @@
+ejabberd (2.1.2-2ubuntu0.1) lucid-security; urgency=low
+
+ * SECURITY UPDATE: billion laughs DoS vulnerability (LP: #791730)
+ - debian/patches/CVE-2011-1753.patch: patch from upstream
+ - CVE-2011-1753
+
+ -- Felix Geyer Thu, 16 Jun 2011 11:53:01 +0200
+
 ejabberd (2.1.2-2) unstable; urgency=high
 * Integrate upstream patches for EJAB-1173,
diff -u ejabberd-2.1.2/debian/control ejabberd-2.1.2/debian/control
--- ejabberd-2.1.2/debian/control
+++ ejabberd-2.1.2/debian/control
@@ -1,7 +1,8 @@
 Source: ejabberd
 Section: net
 Priority: optional
-Maintainer: Torsten Werner
+Maintainer: Ubuntu Developers
+XSBC-Original-Maintainer: Torsten Werner
 Uploaders: Gerfried Fuchs , Konstantin Khomoutov
 Build-Depends: debhelper (>= 7), quilt, erlang-nox, erlang-dev (>= 1:13.b), libexpat1-dev, libssl-dev, zlib1g-dev, libpam0g-dev, po-debconf
 Standards-Version: 3.8.3
diff -u ejabberd-2.1.2/debian/patches/series ejabberd-2.1.2/debian/patches/series
--- ejabberd-2.1.2/debian/patches/series
+++ ejabberd-2.1.2/debian/patches/series
@@ -6,0 +7 @@
+CVE-2011-1753.patch
only in patch2: unchanged:
--- ejabberd-2.1.2.orig/debian/patches/CVE-2011-1753.patch
+++ ejabberd-2.1.2/debian/patches/CVE-2011-1753.patch
@@ -0,0 +1,24 @@
+From 2cf277b5e42911403869073eedb4a162b38fb132 Mon Sep 17 00:00:00 2001
+From: Badlop
+Date: Fri, 20 May 2011 23:13:16 +0200
+Subject: [PATCH] Disable all entity expansions (thanks to Alexey Shchepin)
+
+---
+ src/expat_erl.c | 2 ++
+ 1 files changed, 2 insertions(+), 0 deletions(-)
+
+diff --git a/src/expat_erl.c b/src/expat_erl.c
+index 08f298e..4444bb1 100644
+--- a/src/expat_erl.c
++++ b/src/expat_erl.c
+@@ -169,6 +169,7 @@ static ErlDrvData expat_erl_start(ErlDrvPort port, char *buff)
+ XML_SetCharacterDataHandler(
+ d->parser, (XML_CharacterDataHandler)erlXML_CharacterDataHandler);
+
++ XML_SetDefaultHandler(d->parser, NULL);
+
+ return (ErlDrvData)d;
+ }
+--
+1.7.4.4
+
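Review bot: The added `XML_SetDefaultHandler(d->parser, NULL);` in expat_erl_start carries no comment, and installing a NULL handler reads like a no-op, so a later maintainer could remove it and silently reintroduce the CVE-2011-1753 entity-expansion DoS. The fix works only through a side effect of that expat call: registering a default handler (even a NULL one) turns off expansion of internally defined general entities, whereas the look-alike XML_SetDefaultHandlerExpand leaves expansion on. I would add `/* Installing a default handler, even NULL, turns off internal entity expansion in expat. This is the CVE-2011-1753 ("billion laughs") mitigation; do not remove it or swap in XML_SetDefaultHandlerExpand. */` directly above the call. If expat follows its documented contract, the unexpanded reference text is handed to the default handler, which is NULL here, so any entity reference in a stanza is dropped from the delivered character data rather than rejected; that behaviour should be confirmed against the expat version in Build-Depends and noted in the same comment. expat_erl_start begins before the hunk; its end (the return and closing brace) is visible in it.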