* New upstream version, including upstream fixes for: - CVE-2012-6122 Use POSIX() poll on systems where available. - CVE-2012-6123 Added checks for embedded '\0' characters. - CVE-2012-6124 On 64-bit machines the "random" procedure no longer truncates result values. - CVE-2012-6125 Improved hash table collision resistance. * Added fix-untrusted-code.patch to prevent execution of untrusted code, see CVE-2013-1874, patch provided by upstream. * Added fix-command-injection.patch to fix a command injection vulnerability, see CVE-2013-2024, patch provided by upstream.