~ubuntu-branches/ubuntu/gutsy/php5/gutsy-security

Viewing all changes in revision 26.

  • Committer: Bazaar Package Importer
  • Author(s): Jamie Strandboge
  • Date: 2008-07-22 16:32:16 UTC
  • mfrom: (25.1.1 gutsy-proposed)
  • Revision ID: james.westby@ubuntu.com-20080722163216-al6kvzp7zzxjgu9m
Tags: 5.2.3-1ubuntu6.4
* debian/patches/SECURITY_CVE-2008-2050.patch: possible stack overflow and
  sending of uninitialized paddings
* debian/patches/SECURITY_CVE-2008-2051.patch: properly address incomplete
  multibyte chars inside escapeshellcmd()
* debian/patches/SECURITY_CVE-2008-0599.patch: properly consider operator
  precedence when calculating length of PATH_TRANSLATED
* debian/patches/SECURITY_CVE-2007-4850.patch: fixed a safe_mode bypass in
  cURL
* Add debian/patches/SECURITY_CVE-2008-2829.patch: unsafe usage of
  deprecated imap functions (patch from Debian)
* Add debian/patches/SECURITY_CVE-2008-1384.patch: integer overflow in
  printf() (patch from Debian)
* Add debian/patches/SECURITY_CVE-2008-2107+2108.patch: weak random number
  seed.
* Add debian/patches/SECURITY_CVE-2007-4782.patch: DoS via long string in
  the fnmatch functions
* debian/patches/SECURITY_526-pcre_compile.patch: avoid stack overflow (fix
  from pcre 7.6)
* Update debian/patches/207-htmlentity-utf8-fix.patch: fail on improperly
  finished UTF sequence
* Add debian/patches/SECURITY_CVE-2008-2371.patch: buffer overflow.
  Backported upstream patches.
* References
  CVE-2008-2050
  CVE-2008-2051
  CVE-2008-0599
  CVE-2007-4850
  CVE-2008-2829
  CVE-2008-1384
  CVE-2008-2107
  CVE-2008-2108
  CVE-2007-4782
  CVE-2007-5898
  CVE-2008-2371
  LP: #227464
