diff -u xscreensaver-5.07/debian/changelog xscreensaver-5.07/debian/changelog
--- xscreensaver-5.07/debian/changelog
+++ xscreensaver-5.07/debian/changelog
@@ -1,3 +1,10 @@
+xscreensaver (5.07-1+nmu1) experimental; urgency=high
+
+  * Non-maintainer upload by the security team.
+  * Fix local screen lock bypass vulnerability (closes: #539699).
+
+ -- Michael Gilbert <michael.s.gilbert@gmail.com>  Mon, 17 Aug 2009 00:43:39 -0400
+
 xscreensaver (5.07-1) experimental; urgency=low
 
   [ Tormod Volden ]
diff -u xscreensaver-5.07/debian/patches/series xscreensaver-5.07/debian/patches/series
--- xscreensaver-5.07/debian/patches/series
+++ xscreensaver-5.07/debian/patches/series
@@ -22,0 +23,3 @@
+
+# security fixes
+70_fix_local_screenlock_bypass.patch
only in patch2:
unchanged:
--- xscreensaver-5.07.orig/debian/patches/70_fix_local_screenlock_bypass.patch
+++ xscreensaver-5.07/debian/patches/70_fix_local_screenlock_bypass.patch
@@ -0,0 +1,12 @@
+diff -urp xscreensaver-5.07-orig/driver/mlstring.c xscreensaver-5.07-mod/driver/mlstring.c
+--- xscreensaver-5.07-orig/driver/mlstring.c	2009-08-17 00:57:51.000000000 -0400
++++ xscreensaver-5.07-mod/driver/mlstring.c	2009-08-17 00:56:56.000000000 -0400
+@@ -153,6 +153,8 @@ mlstring_wrap(mlstring *mstring, XFontSt
+ 	  
+ 	  if (wrap_at == -1) /* No space found, hard wrap */
+ 	    wrap_at = line_length;
++	  else
++            wrap_at++; /* Leave space at the end of the line */
+ 
+ 	  newml = calloc(1, sizeof(*newml));
+ 	  if (!newml) /* OOM, don't bother trying to wrap */