diff -Nru mailcap-3.68ubuntu1/debian/changelog mailcap-3.69ubuntu1/debian/changelog
--- mailcap-3.68ubuntu1/debian/changelog 2021-01-07 01:59:43.000000000 +0000
+++ mailcap-3.69ubuntu1/debian/changelog 2021-04-28 01:49:24.000000000 +0000
@@ -1,3 +1,21 @@
+mailcap (3.69ubuntu1) impish; urgency=low
+
+ * Merge from Debian unstable. Remaining changes:
+ - Add "cautious-launcher" for handling execution of files that are
+ outside /usr and /opt.
+
+ -- Steve Langasek Tue, 27 Apr 2021 18:49:24 -0700
+
+mailcap (3.69) unstable; urgency=high
+
+ 7e52733 Revert 66f82f1 that broke opening of file names with unquoted
+ characters and created a possibility to inject arbitrary
+ commmands. Thanks to Marriott NZ (Closes: #982060)
+ 831845e Correct inaccuracy in run-mailcap's manual page.
+ Thanks to Marriott NZ
+
+ -- Charles Plessy Fri, 26 Feb 2021 03:24:36 +0900
+
 mailcap (3.68ubuntu1) hirsute; urgency=low
 
 * Merge from Debian unstable. Remaining changes:
diff -Nru mailcap-3.68ubuntu1/run-mailcap mailcap-3.69ubuntu1/run-mailcap
--- mailcap-3.68ubuntu1/run-mailcap 2020-12-27 02:43:55.000000000 +0000
+++ mailcap-3.69ubuntu1/run-mailcap 2021-02-25 21:59:35.000000000 +0000
@@ -477,7 +477,7 @@
 if ($file ne "-") {
 # Resolve file name to an absolute path
 $file = File::Spec->rel2abs($file);
- if (decode(langinfo(CODESET()), $file) =~ m![^[:alnum:],.:/@%^+=_-]!i and $0 !~ "open") {
+ if (decode(langinfo(CODESET()), $file) =~ m![^[:alnum:],.:/@%^+=_-]!i) {
 $match =~ m/nametemplate=(.*?)\s*($|;)/;
 my $prefix = $1;
 my $linked = 0;
diff -Nru mailcap-3.68ubuntu1/run-mailcap.man mailcap-3.69ubuntu1/run-mailcap.man
--- mailcap-3.68ubuntu1/run-mailcap.man 2020-12-27 02:43:55.000000000 +0000
+++ mailcap-3.69ubuntu1/run-mailcap.man 2021-02-25 21:59:35.000000000 +0000
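Review bot: The restored condition `if (decode(langinfo(CODESET()), $file) =~ m![^[:alnum:],.:/@%^+=_-]!i) {` in run-mailcap carries no comment marking it as a security boundary, which is the kind of gap that lets an exemption like the removed `and $0 !~ "open"` be re-added later. I would put `# Security: any name with a character outside this safe set is opened via a temporary link, whatever $0 is; do not add per-alias exemptions.` directly above the `if`. A regression test that invokes the script under the `open` name with a file name containing a space or `;` and checks that the command receives the temporary name rather than the original would pin this behaviour. The enclosing `if ($file ne "-")` block starts in the context lines and ends outside the hunk, so how the link is created and cleaned up is not visible here.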
@@ -80,7 +80,7 @@
 .BI \-\-norun
 Displays the found command without actually executing it.
 .SH SECURITY
-A temporary copy of the file is opened if the file name matches the Perl
+A temporary symbolic link to the file is opened if the file name matches the Perl
 regular expression "[^[:alnum:],.:/@%^+=_-]", in order to protect from the injection of shell commands, and to make sure that the name can always be displayed in the current locale. In addition, the file is opened using its