diff -Nru konversation-1.5/debian/changelog konversation-1.5/debian/changelog
--- konversation-1.5/debian/changelog 2014-03-09 12:19:10.000000000 +0000
+++ konversation-1.5/debian/changelog 2017-11-21 23:11:40.000000000 +0000
@@ -1,3 +1,22 @@
+konversation (1.5-1ubuntu1.14.04.2) trusty-security; urgency=high
+
+ * SECURITY UPDATE: Crash in IRC message parsing (LP: #1731797):
+ - kubuntu_03_CVE-2017-15923.diff: ensure integer overflow has not
+ happened
+ - CVE-2017-15923
+ - https://www.kde.org/info/security/advisory-20171112-1.txt
+
+ -- Simon Quigley Tue, 21 Nov 2017 15:11:10 -0800
+
+konversation (1.5-1ubuntu1.14.04.1) trusty-security; urgency=medium
+
+ * SECURITY UPDATE: out-of-bounds read on a heap-allocated array LP: #1389296
+ - Add kubuntu_02_cve-2014-8483.diff to verify read bounds
+ - CVE-2014-8483
+ - https://www.kde.org/info/security/advisory-20140923-1.txt
+
+ -- Jonathan Riddell Tue, 04 Nov 2014 17:35:50 +0100
+
 konversation (1.5-1ubuntu1) trusty; urgency=low
 * Merge from Debian unstable. Remaining changes:
diff -Nru konversation-1.5/debian/patches/kubuntu_02_cve-2014-8483.diff konversation-1.5/debian/patches/kubuntu_02_cve-2014-8483.diff
--- konversation-1.5/debian/patches/kubuntu_02_cve-2014-8483.diff 1970-01-01 00:00:00.000000000 +0000
+++ konversation-1.5/debian/patches/kubuntu_02_cve-2014-8483.diff 2014-11-04 17:05:19.000000000 +0000
@@ -0,0 +1,48 @@
+Description: konversation: out-of-bounds read on a heap-allocated array
+ Konversation's Blowfish ECB encryption support assumes incoming blocks
+ to be the expected 12 bytes. The lack of a sanity-check for the actual
+ size can cause a denial of service (crash) and an information leak of
+ up to 11 bytes due to an out-of-bounds read on a heap-allocated array.
+Author: Eike Hein
+Origin: upstream, https://www.kde.org/info/security/advisory-20140923-1.txt
+Reviewed-by: Jonathan Riddell
+Last-Update: 2014-11-04
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/src/cipher.cpp
++++ b/src/cipher.cpp
+@@ -353,8 +353,12 @@
+ }
+ else
+ {
++ // ECB Blowfish encodes in blocks of 12 chars, so anything else is malformed input
++ if ((temp.length() % 12) != 0)
++ return cipherText;
++
+ temp = b64ToByte(temp);
+- while((temp.length() % 8) != 0) temp.append('\0');
++ while ((temp.length() % 8) != 0) temp.append('\0');
+ }
+
+ QCA::Direction dir = (direction) ? QCA::Encode : QCA::Decode;
+@@ -362,11 +366,17 @@
+ QByteArray temp2 = cipher.update(QCA::MemoryRegion(temp)).toByteArray();
+ temp2 += cipher.final().toByteArray();
+
+- if(!cipher.ok())
++ if (!cipher.ok())
+ return cipherText;
+
+- if(direction)
++ if (direction)
++ {
++ // Sanity check
++ if ((temp2.length() % 8) != 0)
++ return cipherText;
++
+ temp2 = byteToB64(temp2);
++ }
+
+ return temp2;
+ }
+
diff -Nru konversation-1.5/debian/patches/kubuntu_03_CVE-2017-15923.diff konversation-1.5/debian/patches/kubuntu_03_CVE-2017-15923.diff
--- konversation-1.5/debian/patches/kubuntu_03_CVE-2017-15923.diff 1970-01-01 00:00:00.000000000 +0000
+++ konversation-1.5/debian/patches/kubuntu_03_CVE-2017-15923.diff 2017-11-21 23:11:07.000000000 +0000
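Review bot: The comment on the new length check, `// ECB Blowfish encodes in blocks of 12 chars`, misstates the block size: Blowfish works on 8-byte blocks (the `% 8` padding two lines below assumes exactly that), and 12 is the length of one such block after the custom, presumably FiSH-style, base64 that `b64ToByte` decodes, so I would write `// Each 8-byte Blowfish ECB block is carried as 12 base64 chars (see b64ToByte); any other length is malformed input`. The check constrains only the length, so whether `b64ToByte` also rejects characters outside its alphabet instead of using them as a lookup index is worth confirming, since that code is not visible in this hunk. Returning `cipherText` on malformed input mirrors the existing `!cipher.ok()` path, meaning the caller shows the raw ciphertext as if it were the decrypted message; that is pre-existing behaviour, but a debug log on the new early return would make reports of garbled messages easier to triage. The enclosing function starts before the first hunk and its encode-side setup of `temp` is not shown.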
@@ -0,0 +1,31 @@
+Description: Stay within bounds
+ This patch fixes CVE-2017-15923.
+Author: Eli MacKenzie
+Origin: upstream
+Bug: https://www.kde.org/info/security/advisory-20171112-1.txt
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1731797
+Applied-Upstream: 6a7f59ee1b9dbc6e5cf9e5f3b306504d02b73ef0
+Reviewed-by: Eike Hein
+Last-Update: 2017-11-12
+--- a/src/viewer/ircview.cpp
++++ b/src/viewer/ircview.cpp
+@@ -1637,7 +1637,8 @@ QString IRCView::closeToTagString(TextHt
+ }
+
+ // reopen relevant tags
+- ret += openTags(data, i);
++ if (i > -1)
++ ret += openTags(data, i);
+
+ return ret;
+ }
+@@ -1645,7 +1646,8 @@ QString IRCView::closeToTagString(TextHt
+ QString IRCView::openTags(TextHtmlData* data, int from)
+ {
+ QString ret, tag;
+- int i = from;
++ int i = from > -1 ? from : 0;
++
+ for ( ; i < data->openHtmlTags.count(); ++i)
+ {
+ tag = data->openHtmlTags.at(i);
diff -Nru konversation-1.5/debian/patches/series konversation-1.5/debian/patches/series
--- konversation-1.5/debian/patches/series 2014-03-09 12:14:37.000000000 +0000
+++ konversation-1.5/debian/patches/series 2017-11-21 23:11:07.000000000 +0000
@@ -1,3 +1,5 @@
 debian_dbug_autoreplace.diff
 #debian_channel.diff
 kubuntu_01_default_channels.diff
+kubuntu_02_cve-2014-8483.diff
+kubuntu_03_CVE-2017-15923.diff
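Review bot: The clamp `int i = from > -1 ? from : 0;` in openTags gives a negative `from` a different meaning than the caller guard in closeToTagString does: the caller skips the reopen entirely for `i == -1`, while openTags silently reopens every entry of `openHtmlTags` from index 0, so any other caller passing the same sentinel now gets a different, possibly wrong, string instead of the out-of-bounds `at()` it hit before. If "nothing to reopen" is the intent, making openTags bail out keeps the two in agreement: replace the clamp with `if (from < 0) return ret;` followed by `int i = from;`, and if closeToTagString is the only caller the clamp is dead code after the first hunk and can simply go. The DEP-3 `Description: Stay within bounds` does not say which bound; `Description: Guard the tag index passed to IRCView::openTags against -1 (out-of-bounds at() on openHtmlTags)` would tell a reader what the CVE is without opening the advisory, and it would also correct the changelog's "integer overflow" wording, which does not match what the patch does. Both functions extend past the hunks shown, so where `i` in closeToTagString comes from cannot be checked here.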