diff -Nru leptonlib-1.75.3/debian/changelog leptonlib-1.75.3/debian/changelog
--- leptonlib-1.75.3/debian/changelog	2018-02-16 23:26:11.000000000 +0000
+++ leptonlib-1.75.3/debian/changelog	2018-03-02 20:04:13.000000000 +0000
@@ -1,3 +1,9 @@
+leptonlib (1.75.3-3) unstable; urgency=medium
+
+  * Apply fix for CVE-2018-7440 (closes: #81932)
+
+ -- Jeff Breidenbach <jab@debian.org>  Fri, 02 Mar 2018 12:04:13 -0800
+
 leptonlib (1.75.3-2) unstable; urgency=medium
 
   * Fix fscanf buffer overflow (closes: #890548)
diff -Nru leptonlib-1.75.3/debian/patches/CVE-2018-7440 leptonlib-1.75.3/debian/patches/CVE-2018-7440
--- leptonlib-1.75.3/debian/patches/CVE-2018-7440	1970-01-01 00:00:00.000000000 +0000
+++ leptonlib-1.75.3/debian/patches/CVE-2018-7440	2018-03-02 20:04:13.000000000 +0000
@@ -0,0 +1,28 @@
+Description: CVE-2018-7440
+ An issue was discovered in Leptonica through 1.75.3. The
+ gplotMakeOutput function allows command injection via a $(command)
+ approach in the gplot rootname argument. This issue exists because of
+ an incomplete fix for CVE-2018-3836.
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: upstream https://github.com/DanBloomberg/leptonica/pull/313/commits/49ecb6c2dfd6ed5078c62f4a8eeff03e3beced3b
+Bug: unknown
+Bug-Debian: https://bugs.debian.org/891932
+Reviewed-By: Jeff Breidenbach <jab@debian.org>, Dan Bloomberg
+Last-Update: 2018-03-02
+
+--- leptonlib-1.75.3.orig/src/gplot.c
++++ leptonlib-1.75.3/src/gplot.c
+@@ -153,7 +153,7 @@ GPLOT   *gplot;
+     if (outformat != GPLOT_PNG && outformat != GPLOT_PS &&
+         outformat != GPLOT_EPS && outformat != GPLOT_LATEX)
+         return (GPLOT *)ERROR_PTR("outformat invalid", procName, NULL);
+-    stringCheckForChars(rootname, "`;&|><\"?*", &badchar);
++    stringCheckForChars(rootname, "`;&|><\"?*$()", &badchar);
+     if (badchar)  /* danger of command injection */
+         return (GPLOT *)ERROR_PTR("invalid rootname", procName, NULL);
+ 
diff -Nru leptonlib-1.75.3/debian/patches/series leptonlib-1.75.3/debian/patches/series
--- leptonlib-1.75.3/debian/patches/series	2018-02-16 23:23:02.000000000 +0000
+++ leptonlib-1.75.3/debian/patches/series	2018-03-02 20:04:13.000000000 +0000
@@ -1 +1,2 @@
 fscanf
+CVE-2018-7440