diff -u vnc4-4.1.1+xorg4.3.0/common/rfb/SConnection.cxx vnc4-4.1.1+xorg4.3.0/common/rfb/SConnection.cxx
--- vnc4-4.1.1+xorg4.3.0/common/rfb/SConnection.cxx
+++ vnc4-4.1.1+xorg4.3.0/common/rfb/SConnection.cxx
@@ -188,7 +188,7 @@
 if (*i == secType) break;
- if (*i != secType)
+ if (i == secTypes.end())
 throwConnFailedException("Unexpected security type");
 try {
diff -u vnc4-4.1.1+xorg4.3.0/debian/changelog vnc4-4.1.1+xorg4.3.0/debian/changelog
--- vnc4-4.1.1+xorg4.3.0/debian/changelog
+++ vnc4-4.1.1+xorg4.3.0/debian/changelog
@@ -1,3 +1,12 @@
+vnc4 (4.1.1+xorg4.3.0-37ubuntu5.0.2) trusty-security; urgency=medium
+
+ * SECURITY UPDATE: authentication bypass
+ - common/rfb/SConnection.cxx: change logic in security check to prevent
+ compiler miscompile/optimization issue in 64-bit Ubuntu 14.04 LTS.
+ - CVE-2006-2369
+
+ -- Marc Deslauriers Fri, 31 Jul 2015 14:49:20 -0400
+
 vnc4 (4.1.1+xorg4.3.0-37ubuntu5.0.1) trusty-proposed; urgency=medium
 * arm64-support.patch: Add arm64 support (LP: #1393598)
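Review bot: The corrected test `if (i == secTypes.end())` in SConnection.cxx has no comment saying why it must compare the iterator rather than dereference it, and that distinction is the entire security property of this change. When the search loop finds no match, `i` is past-the-end, so the old `*i != secType` was undefined behaviour in the source rather than a compiler fault. Per the changelog, the rejection then did not fire on 64-bit builds, which presumably let through a security type that was never offered (CVE-2006-2369). I would add above the test `// No match leaves i == end(); never dereference i here (UB, the rejection can be optimised away: CVE-2006-2369)`. The search loop and the enclosing function start outside the hunk, so whether the requested type is logged before the throw cannot be judged from here.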