diff -u gnupg-1.4.11/debian/changelog gnupg-1.4.11/debian/changelog
--- gnupg-1.4.11/debian/changelog
+++ gnupg-1.4.11/debian/changelog
@@ -1,4 +1,4 @@
-gnupg (1.4.11-3ubuntu2.8) precise-security; urgency=medium
+gnupg (1.4.11-3ubuntu2.9) precise-security; urgency=medium
 
   * Screen responses from keyservers (LP: #1409117)
     - d/p/0001-Screen-keyserver-responses.dpatch
@@ -28,7 +28,7 @@
       g10/trustdb.c, include/host2net.h.
     - CVE-2015-1607
 
- -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 25 Mar 2015 14:04:15 -0400
+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 27 Mar 2015 08:24:00 -0400
 
 gnupg (1.4.11-3ubuntu2.7) precise-security; urgency=medium
 
diff -u gnupg-1.4.11/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.dpatch gnupg-1.4.11/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.dpatch
--- gnupg-1.4.11/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.dpatch
+++ gnupg-1.4.11/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.dpatch
@@ -180,54 +180,6 @@
  	  case oEnableDSA2: opt.flags.dsa2=1; break;
  	  case oDisableDSA2: opt.flags.dsa2=0; break;
  
-diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' gnupg-1.4.11~/g10/keygen.c gnupg-1.4.11/g10/keygen.c
---- gnupg-1.4.11~/g10/keygen.c	2015-03-25 13:57:03.000000000 -0400
-+++ gnupg-1.4.11/g10/keygen.c	2015-03-25 13:58:04.314250226 -0400
-@@ -1044,10 +1044,14 @@
- 
-     assert( is_ELGAMAL(algo) );
- 
--    if( nbits < 512 ) {
--	nbits = 1024;
-+    if( nbits < 1024 ) {
-+	nbits = 2048;
- 	log_info(_("keysize invalid; using %u bits\n"), nbits );
-     }
-+    else if (nbits > 4096) {
-+        nbits = 4096;
-+        log_info(_("keysize invalid; using %u bits\n"), nbits );
-+    }
- 
-     if( (nbits % 32) ) {
- 	nbits = ((nbits + 31) / 32) * 32;
-@@ -1126,7 +1130,7 @@
-     MPI *factors;
-     unsigned int qbits;
- 
--    if( nbits < 512)
-+    if( nbits < 768)
-       {
- 	nbits = 1024;
- 	log_info(_("keysize invalid; using %u bits\n"), nbits );
-@@ -1254,6 +1258,7 @@
-     PKT_public_key *pk;
-     MPI skey[6];
-     MPI *factors;
-+    const unsigned maxsize = (opt.flags.large_rsa ? 8192 : 4096);
- 
-     assert( is_RSA(algo) );
- 
-@@ -1261,6 +1266,10 @@
- 	nbits = 1024;
- 	log_info(_("keysize invalid; using %u bits\n"), nbits );
-     }
-+    else if (nbits > maxsize) {
-+        nbits = maxsize;
-+        log_info(_("keysize invalid; using %u bits\n"), nbits );
-+    }
- 
-     if( (nbits % 32) ) {
- 	nbits = ((nbits + 31) / 32) * 32;
 diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' gnupg-1.4.11~/g10/options.h gnupg-1.4.11/g10/options.h
 --- gnupg-1.4.11~/g10/options.h	2009-07-20 04:01:58.000000000 -0400
 +++ gnupg-1.4.11/g10/options.h	2015-03-25 13:57:09.113786404 -0400