diff -Nru elfutils-0.152/debian/changelog elfutils-0.152/debian/changelog
--- elfutils-0.152/debian/changelog 2012-03-07 07:34:49.000000000 +0000
+++ elfutils-0.152/debian/changelog 2015-01-20 21:22:55.000000000 +0000
@@ -1,3 +1,12 @@
+elfutils (0.152-1ubuntu3.1) precise-security; urgency=medium
+
+ * SECURITY UPDATE: Directory traversal via crafted ar archive
+ - debian/patches/CVE-2014-9447.patch: Prevent root directory traversal
+ while extracting ar archives
+ - CVE-2014-9447
+
+ -- Tyler Hicks Tue, 20 Jan 2015 15:22:54 -0600
+
 elfutils (0.152-1ubuntu3) precise; urgency=low
 
 [ Marcin Juszkiewicz ]
diff -Nru elfutils-0.152/debian/patches/CVE-2014-9447.patch elfutils-0.152/debian/patches/CVE-2014-9447.patch
--- elfutils-0.152/debian/patches/CVE-2014-9447.patch 1970-01-01 00:00:00.000000000 +0000
+++ elfutils-0.152/debian/patches/CVE-2014-9447.patch 2015-01-16 21:26:28.000000000 +0000
@@ -0,0 +1,39 @@
+From 147018e729e7c22eeabf15b82d26e4bf68a0d18e Mon Sep 17 00:00:00 2001
+From: Alexander Cherepanov
+Date: Sun, 28 Dec 2014 19:57:19 +0300
+Subject: libelf: Fix dir traversal vuln in ar extraction.
+
+read_long_names terminates names at the first '/' found but then skips
+one character without checking (it's supposed to be '\n'). Hence the
+next name could start with any character including '/'. This leads to
+a directory traversal vulnerability at the time the contents of the
+archive is extracted.
+
+The danger is mitigated by the fact that only one '/' is possible in a
+resulting filename and only in the leading position. Hence only files
+in the root directory can be written via this vuln and only when ar is
+executed as root.
+
+The fix for the vuln is to not skip any characters while looking
+for '/'.
+
+Signed-off-by: Alexander Cherepanov
+
+Origin: upstream, https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e
+
+Index: elfutils-0.152/libelf/elf_begin.c
+===================================================================
+--- elfutils-0.152.orig/libelf/elf_begin.c 2015-01-16 15:26:26.550551901 -0600
++++ elfutils-0.152/libelf/elf_begin.c 2015-01-16 15:26:26.546551920 -0600
+@@ -762,10 +762,7 @@ read_long_names (Elf *elf)
+ break;
+
+ /* NUL-terminate the string. */
+- *runp = '\0';
+-
+- /* Skip the NUL byte and the \012. */
+- runp += 2;
++ *runp++ = '\0';
+
+ /* A sanity check. Somebody might have generated invalid
+ archive. */
diff -Nru elfutils-0.152/debian/patches/series elfutils-0.152/debian/patches/series
--- elfutils-0.152/debian/patches/series 2011-05-04 09:21:51.000000000 +0000
+++ elfutils-0.152/debian/patches/series 2015-01-16 21:26:24.000000000 +0000
@@ -8,3 +8,4 @@
 testsuite-ignore-elflint.diff
 elf_additions.diff
 fix_ftbfs_with_O3.diff
+CVE-2014-9447.patch
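Review bot: The replacement `*runp++ = '\0';` in the nested elf_begin.c hunk advances runp by one instead of two, so runp now rests on the byte after the '/' (the '\n' the old comment assumed) rather than past it, and the "sanity check" that follows the hunk's trailing context must still compare runp against the end of the long-names buffer before the next search; that check and the enclosing read_long_names loop both begin and end outside the hunk, so the guard's exact form cannot be confirmed from here. As the patch description explains, never skipping a byte means every '/' in the table is reached and turned into a NUL, so no extracted name can carry a separator at any position, and the surviving comment "NUL-terminate the string." no longer says why the skip was removed; a comment beside the assignment such as `/* Never skip a byte here: an unchecked character could otherwise begin the next name, including a '/' (CVE-2014-9447). */` would record that invariant. The Debian wrapper carries an Origin field but no bug-tracker reference; a DEP-3 Bug field pointing at the CVE tracker entry would make later audits of this package easier.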