diff -Nru mxml-2.12/debian/changelog mxml-2.12/debian/changelog
--- mxml-2.12/debian/changelog 2018-10-06 09:01:44.000000000 +0000
+++ mxml-2.12/debian/changelog 2019-01-02 09:21:23.000000000 +0000
@@ -1,3 +1,10 @@
+mxml (2.12-2) unstable; urgency=medium
+
+ * CVE-2018-20004: patch from upstream. Closes: #918007
+ * Standards-Version: 4.3.0.
+
+ -- Alastair McKinstry Wed, 02 Jan 2019 09:21:23 +0000
+
 mxml (2.12-1) unstable; urgency=medium
 * New upstream release
diff -Nru mxml-2.12/debian/control mxml-2.12/debian/control
--- mxml-2.12/debian/control 2018-10-06 09:01:44.000000000 +0000
+++ mxml-2.12/debian/control 2019-01-02 09:21:23.000000000 +0000
@@ -2,7 +2,7 @@
 Priority: optional
 Maintainer: Alastair McKinstry
 Build-Depends: debhelper (>= 10)
-Standards-Version: 4.2.1
+Standards-Version: 4.3.0
 Section: libs
 Vcs-Browser: https://salsa.debian.org:/mckinstry/mxml.git
 Vcs-Git: https://salsa.debian.org:/mckinstry/mxml.git
diff -Nru mxml-2.12/debian/patches/cve-2018-20004.patch mxml-2.12/debian/patches/cve-2018-20004.patch
--- mxml-2.12/debian/patches/cve-2018-20004.patch 1970-01-01 00:00:00.000000000 +0000
+++ mxml-2.12/debian/patches/cve-2018-20004.patch 2019-01-02 09:21:23.000000000 +0000
@@ -0,0 +1,40 @@
+Description: Fix for CVS-2018-20004
+ From https://github.com/michaelrsweet/mxml/commit/4f5577dd4672d228e4180f06bdbd66f343ea45e0#diff-d496945b915e8b08736787aca9e8df5a
+Author: Michael R. Sweet
+Bug-Origin: https://bugs.debian.org/918007
+
+Index: mxml-2.12/CHANGES.md
+===================================================================
+--- mxml-2.12.orig/CHANGES.md
++++ mxml-2.12/CHANGES.md
+@@ -1,3 +1,8 @@
++# Changes in Mini-XML CURRENT
++
++- Fixed a potential buffer overflow when writing floating point data
++ (Issue #233)
++
+ # Changes in Mini-XML 2.12
+
+ - Added yet more documentation about using `MXML_OPAQUE_CALLBACK` when you want
+Index: mxml-2.12/mxml-file.c
+===================================================================
+--- mxml-2.12.orig/mxml-file.c
++++ mxml-2.12/mxml-file.c
+@@ -2881,7 +2881,7 @@ mxml_write_node(mxml_node_t *node, /
+ col ++;
+ }
+
+- sprintf(s, "%d", current->value.integer);
++ snprintf(s, sizeof(s), "%d", current->value.integer);
+ if (mxml_write_string(s, p, putc_cb) < 0)
+ return (-1);
+
+@@ -2911,7 +2911,7 @@ mxml_write_node(mxml_node_t *node, /
+ col ++;
+ }
+
+- sprintf(s, "%f", current->value.real);
++ snprintf(s, sizeof(s), "%f", current->value.real);
+ if (mxml_write_string(s, p, putc_cb) < 0)
+ return (-1);
+
diff -Nru mxml-2.12/debian/patches/series mxml-2.12/debian/patches/series
--- mxml-2.12/debian/patches/series 2018-10-06 09:01:44.000000000 +0000
+++ mxml-2.12/debian/patches/series 2019-01-02 09:21:23.000000000 +0000
@@ -5,3 +5,4 @@
 06_autoheader-fixes.patch
 07_compile_fixes.patch
 08_cross.patch
+cve-2018-20004.patch
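Review bot: The `snprintf(s, sizeof(s), "%f", current->value.real)` call in the second mxml-file.c hunk of the new cve-2018-20004.patch discards its return value, so a real whose `%f` text is longer than `s` is now silently truncated and `mxml_write_string()` emits a different number; that is memory-safe, but the written XML no longer matches the node. Consider failing the write the way the neighbouring error path does, for example `if ((size_t)snprintf(s, sizeof(s), "%f", current->value.real) >= sizeof(s)) return (-1);`, which also catches a negative return. The bound relies on `s` being a local array rather than a pointer; its declaration sits outside the hunk in `mxml_write_node`, so that is worth confirming. Separately, the patch header reads `CVS-2018-20004`; spelling it `CVE-2018-20004` keeps the patch findable when searching the packaging for the CVE id.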