diff -Nru fricas-1.3.8/debian/changelog fricas-1.3.8/debian/changelog
--- fricas-1.3.8/debian/changelog	2023-06-08 14:04:06.000000000 +0000
+++ fricas-1.3.8/debian/changelog	2023-06-11 15:51:01.000000000 +0000
@@ -1,3 +1,11 @@
+fricas (1.3.8-8) unstable; urgency=medium
+
+  * rewrite strcpy lines in sockio-c.c to work around fortify object size
+    detection bug.  As previously written, size available in pad was
+    incorrectly calculated as 14.
+
+ -- Camm Maguire <camm@debian.org>  Sun, 11 Jun 2023 11:51:01 -0400
+
 fricas (1.3.8-7) unstable; urgency=medium
 
   * Build depend on libxpm-dev, xvfb in place of libx11-dev.
diff -Nru fricas-1.3.8/debian/patches/series fricas-1.3.8/debian/patches/series
--- fricas-1.3.8/debian/patches/series	2022-07-03 17:45:02.000000000 +0000
+++ fricas-1.3.8/debian/patches/series	2023-06-11 15:51:01.000000000 +0000
@@ -9,3 +9,4 @@
 # autoupdate1
 # autoupdate2
 autoupdate3
+strcpy_fortify_bug_workaround
diff -Nru fricas-1.3.8/debian/patches/strcpy_fortify_bug_workaround fricas-1.3.8/debian/patches/strcpy_fortify_bug_workaround
--- fricas-1.3.8/debian/patches/strcpy_fortify_bug_workaround	1970-01-01 00:00:00.000000000 +0000
+++ fricas-1.3.8/debian/patches/strcpy_fortify_bug_workaround	2023-06-11 15:51:01.000000000 +0000
@@ -0,0 +1,62 @@
+Description: <short summary of the patch>
+ TODO: Put a short summary on the line above and replace this paragraph
+ with a longer explanation of this change. Complete the meta-information
+ with other relevant fields (see below for details). To make it easier, the
+ information below has been extracted from the changelog. Adjust it or drop
+ it.
+ .
+ fricas (1.3.8-8) unstable; urgency=medium
+ .
+   * rewrite strcpy lines in sockio-c.c to work around fortify object size
+     detection bug.  As previously written, size available in pad was
+     incorrectly calculated as 14.
+Author: Camm Maguire <camm@debian.org>
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout https://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: (upstream|backport|vendor|other), (<patch-url>|commit:<commit-id>)
+Bug: <upstream-bugtracker-url>
+Bug-Debian: https://bugs.debian.org/<bugnumber>
+Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
+Forwarded: (no|not-needed|<patch-forwarded-url>)
+Applied-Upstream: <version>, (<commit-url>|commit:<commid-id>)
+Reviewed-By: <name and email of someone who approved/reviewed the patch>
+Last-Update: 2023-06-11
+
+--- fricas-1.3.8.orig/src/lib/sockio-c.c
++++ fricas-1.3.8/src/lib/sockio-c.c
+@@ -734,6 +734,7 @@ connect_to_local_server(char *server_nam
+ {
+   int max_con=(time_out == 0 ? 1000000 : time_out), i, code=-1;
+   Sock *sock;
++  int j=((char *)(&(sock->addr.u_addr.sa_data))-(char *)(&(sock->addr.u_addr)));
+   char name[256];
+ 
+   make_server_name(name, server_name);
+@@ -753,9 +754,7 @@ connect_to_local_server(char *server_nam
+   }
+   /* connect socket using name specified in command line */
+   sock->addr.u_addr.sa_family = FRICAS_AF_LOCAL;
+-  strcpy(sock->addr.pad +
+-          ((char *)(&(sock->addr.u_addr.sa_data))
+-           -(char *)(&(sock->addr.u_addr))), name);
++  strcpy(sock->addr.pad+j, name);
+   for(i=0; i<max_con; i++) {
+     code = connect(sock->socket, &sock->addr.u_addr,
+                    sizeof(sock->addr.pad));
+@@ -924,10 +923,9 @@ open_server(char *server_name)
+     return -2;
+   } else {
+     Sock * sock = &(server[1]);
++    int j=((char *)(&(sock->addr.u_addr.sa_data))-(char *)(&(sock->addr.u_addr)));
+     sock->addr.u_addr.sa_family = FRICAS_AF_LOCAL;
+-    strcpy(sock->addr.pad +
+-          ((char *)(&(sock->addr.u_addr.sa_data))
+-           -(char *)(&(sock->addr.u_addr))), name);
++    strcpy(sock->addr.pad+j, name);
+     if (bind(sock->socket, &(sock->addr.u_addr),
+              sizeof(sock->addr.pad))) {
+       perror("binding local server socket");