diff -Nru libcgi-expand-perl-2.05/debian/changelog libcgi-expand-perl-2.05/debian/changelog
--- libcgi-expand-perl-2.05/debian/changelog 2015-06-13 12:21:53.000000000 +0000
+++ libcgi-expand-perl-2.05/debian/changelog 2015-09-19 17:32:13.000000000 +0000
@@ -1,3 +1,12 @@
+libcgi-expand-perl (2.05-4) unstable; urgency=medium
+
+ * Team upload.
+ * Disable warning about CGI::param called in list context.
+ (Closes: #791439)
+ * Declare the package autopkgtestable.
+
+ -- Niko Tyni Sat, 19 Sep 2015 20:31:58 +0300
+
 libcgi-expand-perl (2.05-3) unstable; urgency=medium

 * Team upload.
diff -Nru libcgi-expand-perl-2.05/debian/control libcgi-expand-perl-2.05/debian/control
--- libcgi-expand-perl-2.05/debian/control 2015-06-13 12:21:53.000000000 +0000
+++ libcgi-expand-perl-2.05/debian/control 2015-09-19 17:31:55.000000000 +0000
@@ -16,6 +16,7 @@
 Vcs-Git: git://anonscm.debian.org/pkg-perl/packages/libcgi-expand-perl.git
 Vcs-Browser: https://anonscm.debian.org/cgit/pkg-perl/packages/libcgi-expand-perl.git
 Homepage: https://metacpan.org/release/CGI-Expand
+Testsuite: autopkgtest-pkg-perl

 Package: libcgi-expand-perl
 Architecture: all
diff -Nru libcgi-expand-perl-2.05/debian/patches/0001-Disable-warning-about-CGI-param-called-in-list-conte.patch libcgi-expand-perl-2.05/debian/patches/0001-Disable-warning-about-CGI-param-called-in-list-conte.patch
--- libcgi-expand-perl-2.05/debian/patches/0001-Disable-warning-about-CGI-param-called-in-list-conte.patch 1970-01-01 00:00:00.000000000 +0000
+++ libcgi-expand-perl-2.05/debian/patches/0001-Disable-warning-about-CGI-param-called-in-list-conte.patch 2015-09-19 17:29:25.000000000 +0000
@@ -0,0 +1,29 @@
+From 310aea92aaa91fbcba353591bfd68b13b8b183a4 Mon Sep 17 00:00:00 2001
+From: Niko Tyni
+Date: Sat, 4 Jul 2015 23:29:40 +0300
+Subject: [PATCH] Disable warning about CGI::param called in list context
+
+The code explicitly handles param() returning multiple values,
+disarming the parameter injection vulnerability.
+
+Bug-Debian: https://bugs.debian.org/791439
+---
+ Expand.pm | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/Expand.pm b/Expand.pm
+index eb85850..e6be854 100644
+--- a/Expand.pm
++++ b/Expand.pm
+@@ -62,6 +62,8 @@ sub expand_cgi {
+
+ # permit multiple values CGI style
+ for ($cgi->param) {
++ # multiple values are explicitly handled
++ local $CGI::LIST_CONTEXT_WARN = 0;
+ next if (/\.[xy]$/); # img_submit=val & img_submit.x=20 -> clash
+ my @vals = $cgi->param($_);
+ $args{$_} = @vals > 1 ? \@vals : $vals[0];
+--
+2.5.1
+
diff -Nru libcgi-expand-perl-2.05/debian/patches/series libcgi-expand-perl-2.05/debian/patches/series
--- libcgi-expand-perl-2.05/debian/patches/series 1970-01-01 00:00:00.000000000 +0000
+++ libcgi-expand-perl-2.05/debian/patches/series 2015-09-19 17:28:15.000000000 +0000
@@ -0,0 +1 @@
+0001-Disable-warning-about-CGI-param-called-in-list-conte.patch
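Review bot: In the Expand.pm hunk carried by the new patch file, the added comment `# multiple values are explicitly handled` does not say why turning the warning off is safe, and that safety rests on one detail two lines further down: the result of `$cgi->param($_)` is assigned to `@vals`, so extra values never flatten into a hash constructor or argument list. I would state that in the comment, for example `# safe to silence: param() result is captured in @vals below, never flattened into a hash or argument list`, so that a later edit of that assignment is not made with the warning already suppressed and nobody noticing. The line after it still stores either a plain scalar or an array ref in `$args{$_}` depending on how many values the client submitted, so code consuming the result presumably needs to check `ref` before treating a value as a string. That consumer code, like the rest of expand_cgi, is outside this hunk.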