diff -Nru libmms-0.6.2/debian/changelog libmms-0.6.2/debian/changelog
--- libmms-0.6.2/debian/changelog 2013-12-30 09:43:34.000000000 +0000
+++ libmms-0.6.2/debian/changelog 2016-05-03 18:45:22.000000000 +0000
@@ -1,3 +1,11 @@
+libmms (0.6.2-3ubuntu2.1) trusty-security; urgency=medium
+
+ * SECURITY UPDATE: heap based buffer overrun
+ - debian/patches/0002-CVE-2014-2892.patch: check length in src/mmsh.c.
+ - CVE-2014-2892
+
+ -- Marc Deslauriers Tue, 03 May 2016 14:44:09 -0400
+
 libmms (0.6.2-3ubuntu2) trusty; urgency=medium

 * Build with dh-autoreconf instead of autotools-dev for new libtool.
diff -Nru libmms-0.6.2/debian/patches/0002-CVE-2014-2892.patch libmms-0.6.2/debian/patches/0002-CVE-2014-2892.patch
--- libmms-0.6.2/debian/patches/0002-CVE-2014-2892.patch 1970-01-01 00:00:00.000000000 +0000
+++ libmms-0.6.2/debian/patches/0002-CVE-2014-2892.patch 2016-05-03 18:44:01.000000000 +0000
@@ -0,0 +1,22 @@
+Description: Fix heap based buffer overrun
+Bug-Debian: https://bugs.debian.org/745301
+Origin: upstream,
+ http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8
+Last-Update: 2014-04-25
+
+diff --git a/src/mmsh.c b/src/mmsh.c
+index f7cee4a..bca7fb8 100644
+--- a/src/mmsh.c
++++ b/src/mmsh.c
+@@ -307,7 +307,10 @@ static int get_answer (mms_io_t *io, mmsh_t *this) {
+ len = 0;
+ }
+ } else {
+- len ++;
++ if (++len >= sizeof(this->buf)) {
++ lprintf("answer too large\n");
++ return 0;
++ }
+ }
+ }
+ if (this->stream_type == MMSH_UNKNOWN) {
diff -Nru libmms-0.6.2/debian/patches/series libmms-0.6.2/debian/patches/series
--- libmms-0.6.2/debian/patches/series 2012-02-14 10:03:15.000000000 +0000
+++ libmms-0.6.2/debian/patches/series 2016-05-03 18:44:01.000000000 +0000
@@ -1 +1,2 @@
 0001-Fixup-bswap.h-macros.patch
+0002-CVE-2014-2892.patch
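Review bot: The new bound in the `else` branch of get_answer in src/mmsh.c carries no comment on the invariant it protects, so a later reader cannot tell why the test is `>=` rather than `>`. A one-line comment above the `if`, such as `/* len indexes the next byte stored in this->buf; it must stay below sizeof(this->buf) */`, would record it. The declaration of `len` is outside the hunk; if it is a signed `int`, the comparison with `sizeof` is signed-versus-unsigned, and `if ((size_t)++len >= sizeof(this->buf)) {` would make the conversion explicit. `return 0` is presumably the function's failure value, but get_answer starts and ends outside the hunk, so it is worth confirming that callers treat it as an error and stop processing the response.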