diff -Nru kildclient-2.11.1/debian/changelog kildclient-2.11.1/debian/changelog
--- kildclient-2.11.1/debian/changelog	2013-10-21 12:15:38.000000000 +0000
+++ kildclient-2.11.1/debian/changelog	2018-02-06 14:36:42.000000000 +0000
@@ -1,14 +1,22 @@
-kildclient (2.11.1-1build2) trusty; urgency=low
+kildclient (2.11.1-1+deb7u2build0.14.04.1) trusty-security; urgency=medium
 
-  * Rebuild for Perl 5.18.
+  * fake sync from Debian
 
- -- Colin Watson <cjwatson@ubuntu.com>  Mon, 21 Oct 2013 13:15:38 +0100
+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 06 Feb 2018 09:36:42 -0500
 
-kildclient (2.11.1-1build1) precise; urgency=low
+kildclient (2.11.1-1+deb7u2) wheezy-security; urgency=high
 
-  * Rebuild for Perl 5.14.
+  * Added build-dependency on python to fix FTBS due to the need to run
+    gtk-builder-convert during build time.
 
- -- Colin Watson <cjwatson@ubuntu.com>  Wed, 16 Nov 2011 17:03:30 +0000
+ -- Eduardo M Kalinowski <eduardo@kalinowski.com.br>  Sun, 17 Dec 2017 08:13:16 -0200
+
+kildclient (2.11.1-1+deb7u1) wheezy-security; urgency=high
+
+  * Fix for CVE-2017-17511. New dependency 'gvfs' required in order to use
+    GTK+ function for opening URLs.
+
+ -- Eduardo M Kalinowski <eduardo@kalinowski.com.br>  Sat, 16 Dec 2017 11:56:41 -0200
 
 kildclient (2.11.1-1) unstable; urgency=low
 
diff -Nru kildclient-2.11.1/debian/control kildclient-2.11.1/debian/control
--- kildclient-2.11.1/debian/control	2011-05-29 20:14:01.000000000 +0000
+++ kildclient-2.11.1/debian/control	2017-12-17 10:11:54.000000000 +0000
@@ -2,7 +2,7 @@
 Section: games
 Priority: optional
 Maintainer: Eduardo M Kalinowski <eduardo@kalinowski.com.br>
-Build-Depends: debhelper (>= 8), autotools-dev, libglib2.0-dev (>= 2.14.0), libgtk2.0-dev (>= 2.18.0), libperl-dev (>= 5.10.0), gettext (>= 0.14.5), libgtkspell-dev, libgnutls-dev (>= 2.2.0), zlib1g-dev
+Build-Depends: debhelper (>= 8), autotools-dev, libglib2.0-dev (>= 2.14.0), libgtk2.0-dev (>= 2.18.0), libperl-dev (>= 5.10.0), gettext (>= 0.14.5), libgtkspell-dev, libgnutls-dev (>= 2.2.0), zlib1g-dev, python
 Standards-Version: 3.9.2
 Homepage: http://kildclient.sf.net
 Vcs-Browser: http://kildclient.svn.sourceforge.net/viewvc/kildclient/trunk/debian/
@@ -10,7 +10,7 @@
 
 Package: kildclient
 Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, liblocale-gettext-perl
+Depends: ${shlibs:Depends}, ${misc:Depends}, liblocale-gettext-perl, gvfs
 Suggests: kildclient-doc, libgtk2-perl
 Description: powerful MUD client with a built-in Perl interpreter
  KildClient is a MUD Client written with the GTK+ windowing toolkit.
diff -Nru kildclient-2.11.1/debian/patches/cve-2017-17511.patch kildclient-2.11.1/debian/patches/cve-2017-17511.patch
--- kildclient-2.11.1/debian/patches/cve-2017-17511.patch	1970-01-01 00:00:00.000000000 +0000
+++ kildclient-2.11.1/debian/patches/cve-2017-17511.patch	2017-12-17 10:10:04.000000000 +0000
@@ -0,0 +1,192 @@
+Description: Fix for CVE-2017-17511
+ Uses a GTK+ function to open URLs, instead of using a command
+ supplied by the user or $BROWSER.
+Author: Eduardo M KALINOWSKI <eduardo@kalinowski.com.br>
+Last-Update: 2017-12-16
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/src/kildclient.h
++++ b/src/kildclient.h
+@@ -599,7 +599,6 @@
+   GtkPositionType  tab_position;
+   gboolean         hide_single_tab;
+   gboolean         urgency_hint;
+-  char            *browser_command;
+   char            *audio_player_command;
+   char            *last_open_world;
+   gboolean         no_plugin_help_msg;
+--- a/src/prefs.c
++++ b/src/prefs.c
+@@ -94,7 +94,6 @@
+   GObject          *txtProxyUser;
+   GObject          *txtProxyPassword;
+ #ifndef __WIN32__
+-  GObject          *txtBrowserCommand;
+   GObject          *txtAudioPlayerCommand;
+ #else
+   GtkWidget        *tabPrograms;
+@@ -181,12 +180,6 @@
+ 
+ #ifndef __WIN32__
+     /* Load commands */
+-    txtBrowserCommand = gtk_builder_get_object(main_builder, "txtBrowserCommand");
+-    gtk_entry_set_text(GTK_ENTRY(txtBrowserCommand),
+-                       globalPrefs.browser_command);
+-    g_signal_connect(txtBrowserCommand, "focus_out_event",
+-                     G_CALLBACK(txt_cmd_focus_out_cb),
+-                     &globalPrefs.browser_command);
+     txtAudioPlayerCommand
+       = gtk_builder_get_object(main_builder, "txtAudioPlayerCommand");
+     gtk_entry_set_text(GTK_ENTRY(txtAudioPlayerCommand),
+@@ -322,9 +315,6 @@
+   }
+ 
+   /* Has the commands been set? */
+-  if (!globalPrefs.browser_command) {
+-    globalPrefs.browser_command = g_strdup("${BROWSER} \"%s\" &");
+-  }
+   if (!globalPrefs.audio_player_command) {
+     globalPrefs.audio_player_command = g_strdup("play \"%s\" &");
+   }
+@@ -383,8 +373,6 @@
+       globalPrefs.hide_single_tab = atoi(line + pos + 1);
+     } else if (strcmp(first_word, "urgencyhint") == 0) {
+       globalPrefs.urgency_hint = atoi(line + pos + 1);
+-    } else if (strcmp(first_word, "browsercommand") == 0) {
+-      globalPrefs.browser_command = g_strdup(line + pos + 1);
+     } else if (strcmp(first_word, "audioplayercommand") == 0) {
+       globalPrefs.audio_player_command = g_strdup(line + pos + 1);
+     } else if (strcmp(first_word, "lastopenworld") == 0) {
+@@ -478,8 +466,6 @@
+   g_string_append_printf(str, "urgencyhint %d\n", globalPrefs.urgency_hint);
+ 
+   g_string_append_printf(str,
+-                         "browsercommand %s\n", globalPrefs.browser_command);
+-  g_string_append_printf(str,
+                          "audioplayercommand %s\n",
+                          globalPrefs.audio_player_command);
+ 
+--- a/src/worldgui.c
++++ b/src/worldgui.c
+@@ -1145,13 +1145,15 @@
+ void
+ menu_url_open(GtkAction *action, char *url)
+ {
+-  char *to_run;
++  GError *err = NULL;
+ 
+-  to_run = g_strdup_printf(globalPrefs.browser_command, url);
++  gtk_show_uri(NULL, url, GDK_CURRENT_TIME, &err);
++  if (err != NULL) {
++    fprintf(stderr, "Error opening URL: %s\nCheck if gvfs is installed\n",
++            err->message);
++    g_error_free(err);
++  }
+ 
+-  system(to_run);
+-
+-  g_free(to_run);
+   g_free(url);
+ }
+ #else /* defined __WIN32__ */
+--- a/src/dlgPreferences.glade
++++ b/src/dlgPreferences.glade
+@@ -453,89 +453,6 @@
+                 <property name="orientation">vertical</property>
+                 <property name="spacing">18</property>
+                 <child>
+-                  <widget class="GtkVBox" id="vbox_browser">
+-                    <property name="visible">True</property>
+-                    <property name="orientation">vertical</property>
+-                    <property name="spacing">6</property>
+-                    <child>
+-                      <widget class="GtkLabel" id="label46">
+-                        <property name="visible">True</property>
+-                        <property name="xalign">0</property>
+-                        <property name="yalign">0</property>
+-                        <property name="label" translatable="yes">&lt;b&gt;Web Browser&lt;/b&gt;</property>
+-                        <property name="use_markup">True</property>
+-                      </widget>
+-                      <packing>
+-                        <property name="expand">False</property>
+-                        <property name="fill">False</property>
+-                        <property name="position">0</property>
+-                      </packing>
+-                    </child>
+-                    <child>
+-                      <widget class="GtkHBox" id="hbox_ident_browser">
+-                        <property name="visible">True</property>
+-                        <child>
+-                          <widget class="GtkLabel" id="label_ident_browser">
+-                            <property name="visible">True</property>
+-                            <property name="label">    </property>
+-                          </widget>
+-                          <packing>
+-                            <property name="expand">False</property>
+-                            <property name="fill">False</property>
+-                            <property name="position">0</property>
+-                          </packing>
+-                        </child>
+-                        <child>
+-                          <widget class="GtkVBox" id="vbox_int_browser">
+-                            <property name="visible">True</property>
+-                            <property name="orientation">vertical</property>
+-                            <property name="spacing">6</property>
+-                            <property name="homogeneous">True</property>
+-                            <child>
+-                              <widget class="GtkEntry" id="txtBrowserCommand">
+-                                <property name="visible">True</property>
+-                                <property name="can_focus">True</property>
+-                                <property name="tooltip" translatable="yes">Specify the command used to launch a web browser</property>
+-                                <property name="invisible_char">&#x25CF;</property>
+-                                <property name="activates_default">True</property>
+-                              </widget>
+-                              <packing>
+-                                <property name="expand">False</property>
+-                                <property name="fill">False</property>
+-                                <property name="position">0</property>
+-                              </packing>
+-                            </child>
+-                            <child>
+-                              <widget class="GtkLabel" id="label49">
+-                                <property name="visible">True</property>
+-                                <property name="xalign">0</property>
+-                                <property name="label" translatable="yes">Enter the command to run a web browser. %s will be substituted by the web page address.</property>
+-                                <property name="wrap">True</property>
+-                              </widget>
+-                              <packing>
+-                                <property name="expand">False</property>
+-                                <property name="fill">False</property>
+-                                <property name="position">1</property>
+-                              </packing>
+-                            </child>
+-                          </widget>
+-                          <packing>
+-                            <property name="position">1</property>
+-                          </packing>
+-                        </child>
+-                      </widget>
+-                      <packing>
+-                        <property name="position">1</property>
+-                      </packing>
+-                    </child>
+-                  </widget>
+-                  <packing>
+-                    <property name="expand">False</property>
+-                    <property name="fill">False</property>
+-                    <property name="position">0</property>
+-                  </packing>
+-                </child>
+-                <child>
+                   <widget class="GtkVBox" id="vbox_player">
+                     <property name="visible">True</property>
+                     <property name="orientation">vertical</property>
+@@ -618,7 +535,7 @@
+                 </child>
+               </widget>
+               <packing>
+-                <property name="position">2</property>
++                <property name="position">1</property>
+               </packing>
+             </child>
+             <child>
diff -Nru kildclient-2.11.1/debian/patches/series kildclient-2.11.1/debian/patches/series
--- kildclient-2.11.1/debian/patches/series	1970-01-01 00:00:00.000000000 +0000
+++ kildclient-2.11.1/debian/patches/series	2017-12-17 10:10:04.000000000 +0000
@@ -0,0 +1 @@
+cve-2017-17511.patch