diff -Nru libpam-sshauth-0.3.1/debian/changelog libpam-sshauth-0.3.1/debian/changelog
--- libpam-sshauth-0.3.1/debian/changelog 2016-02-05 00:21:32.000000000 +0000
+++ libpam-sshauth-0.3.1/debian/changelog 2016-05-21 06:44:07.000000000 +0000
@@ -1,3 +1,19 @@
+libpam-sshauth (0.3.1-1ubuntu2) xenial-security; urgency=medium
+
+ * Security merge from debian.
+
+ -- Steve Beattie Fri, 20 May 2016 23:42:56 -0700
+
+libpam-sshauth (0.3.1-1+deb8u1) jessie-security; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * CVE-2016-4422: local root privilege escalation.
+ Return PAM_AUTH_ERR when a system user. This prevents the pam module
+ from returning success without asking for authentication credentials.
+ Thanks to Vagrant Cascadian
+
+ -- Salvatore Bonaccorso Wed, 04 May 2016 10:55:45 +0200
+
 libpam-sshauth (0.3.1-1ubuntu1) xenial; urgency=medium
 
  * debian/patches/add-back-support-for-publickey-authentication.patch: Added back
diff -Nru libpam-sshauth-0.3.1/debian/control libpam-sshauth-0.3.1/debian/control
--- libpam-sshauth-0.3.1/debian/control 2016-02-04 23:52:28.000000000 +0000
+++ libpam-sshauth-0.3.1/debian/control 2016-05-21 06:44:28.000000000 +0000
@@ -1,7 +1,8 @@
 Source: libpam-sshauth
 Section: admin
 Priority: extra
-Maintainer: LTSP Debian Maintainers
+Maintainer: Ubuntu Developers
+XSBC-Original-Maintainer: LTSP Debian Maintainers
 Uploaders: Vagrant Cascadian
 Build-Depends: debhelper (>= 9), libssh2-1-dev, libpam0g-dev | libpam-dev, dh-autoreconf, pkg-config, zlib1g-dev
 Standards-Version: 3.9.4
diff -Nru libpam-sshauth-0.3.1/debian/patches/return-pam-auth-err-with-system-user libpam-sshauth-0.3.1/debian/patches/return-pam-auth-err-with-system-user
--- libpam-sshauth-0.3.1/debian/patches/return-pam-auth-err-with-system-user 1970-01-01 00:00:00.000000000 +0000
+++ libpam-sshauth-0.3.1/debian/patches/return-pam-auth-err-with-system-user 2016-05-21 06:42:26.000000000 +0000
@@ -0,0 +1,31 @@
+Description: CVE-2016-4422: local root privilege escalation
+ Return PAM_AUTH_ERR when a system user. This prevents the pam module
+ from returning success without asking for authentication credentials!
+Origin: upstream, https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/114
+Forwarded: not-needed
+Author: Vagrant Cascadian
+Last-Update: 2016-05-04
+
+
+diff --git a/src/pam_sshauth.c b/src/pam_sshauth.c
+index 939ea79..879c9e5 100644
+--- a/src/pam_sshauth.c
++++ b/src/pam_sshauth.c
+@@ -101,7 +100,7 @@ pam_sm_authenticate (pam_handle_t * pamh, int flags, int argc,
+ }
+
+ /*
+- * Is it a system user? Succeed.
++ * Is it a system user? Fail.
+ */
+
+ pam_debug (pamh, "username %s", username);
+@@ -110,7 +109,7 @@ pam_sm_authenticate (pam_handle_t * pamh, int flags, int argc,
+ {
+ if (pwent->pw_uid < UID_MIN)
+ {
+- return PAM_SUCCESS;
++ return PAM_AUTH_ERR;
+ }
+ }
+
diff -Nru libpam-sshauth-0.3.1/debian/patches/series libpam-sshauth-0.3.1/debian/patches/series
--- libpam-sshauth-0.3.1/debian/patches/series 2016-02-04 23:52:28.000000000 +0000
+++ libpam-sshauth-0.3.1/debian/patches/series 2016-05-21 06:42:26.000000000 +0000
@@ -1 +1,2 @@
 add-back-support-for-publickey-authentication.patch
+return-pam-auth-err-with-system-user
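Review bot: The new `return PAM_AUTH_ERR;` under `if (pwent->pw_uid < UID_MIN)` closes the credential-less success path, but the comment it sits under (`* Is it a system user? Fail.`) still gives no reason, which is exactly what a later maintainer needs in order not to "relax" it back; I would expand it to `/* System users are never authenticated by this module. Fail with PAM_AUTH_ERR rather than PAM_IGNORE so the stack cannot reach success without a credential check (CVE-2016-4422). */`. Whether any other early `return PAM_SUCCESS` remains in pam_sm_authenticate cannot be judged here, since the function starts and ends outside the hunk and the value of UID_MIN is not visible either, so that is worth confirming against the full source before sign-off. The nested hunk headers `@@ -101,7 +100,7 @@` and `@@ -110,7 +109,7 @@` put the new side one line short of the old, which suggests the upstream revision also removed a line elsewhere that this quilt patch does not carry; it should still apply with an offset, but the DEP-3 header could state that it is a partial backport of revision 114.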