diff -Nru dokuwiki-0.0.20120125b/debian/changelog dokuwiki-0.0.20120125b/debian/changelog --- dokuwiki-0.0.20120125b/debian/changelog 2012-10-19 22:46:41.000000000 +0200 +++ dokuwiki-0.0.20120125b/debian/changelog 2014-10-28 15:53:55.000000000 +0100 @@ -1,3 +1,14 @@ +dokuwiki (0.0.20120125b-2+deb7u1) UNRELEASED; urgency=medium + + * debian/patches: + + fix_ldap_auth_bypass_CVE-2014-8763.diff: fix an authentication bypass + flaw when using Active Directory for LDAP + authentication. (CVE-2014-8763) + + fix_media_acl_bypass_CVE-2014-8762.diff: fix a media ACL bypass flaw. + (CVE-2014-8761, CVE-2014-8762) + + -- Tanguy Ortolo Tue, 28 Oct 2014 14:20:56 +0100 + dokuwiki (0.0.20120125b-2) unstable; urgency=low * debian/add-ons/dokuwiki-addsite: correct a bashism `read -p "…"`. diff -Nru dokuwiki-0.0.20120125b/debian/patches/fix_ldap_auth_bypass_CVE-2014-8763.diff dokuwiki-0.0.20120125b/debian/patches/fix_ldap_auth_bypass_CVE-2014-8763.diff --- dokuwiki-0.0.20120125b/debian/patches/fix_ldap_auth_bypass_CVE-2014-8763.diff 1970-01-01 01:00:00.000000000 +0100 +++ dokuwiki-0.0.20120125b/debian/patches/fix_ldap_auth_bypass_CVE-2014-8763.diff 2014-10-28 15:47:13.000000000 +0100 
@@ -0,0 +1,27 @@ +From: Andreas Gohr +Subject: Clean user credentials from control chars to prevent auth bypass + + This is to prevent zero byte attacks on external auth systems as described in + http://www.freelists.org/post/dokuwiki/Fwd-Dokuwiki-maybe-security-issue-Null-byte-poisoning-in-LDAP-authentication + (CVE-2014-8763) +Origin: backport, https://github.com/splitbrain/dokuwiki/commit/395c2f0ff3e87977ea2573587a11f4ef294433f2 +Bug-Debian: http://bugs.debian.org/766545 +Last-Update: 2014-10-28 +--- + inc/auth.php | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +Index: dokuwiki/inc/auth.php +=================================================================== +--- dokuwiki.orig/inc/auth.php ++++ dokuwiki/inc/auth.php +@@ -90,7 +90,8 @@ function auth_setup(){ + } + + // apply cleaning +- $_REQUEST['u'] = $auth->cleanUser($_REQUEST['u']); ++ $_REQUEST['u'] = $auth->cleanUser(stripctl($_REQUEST['u'])); ++ $_REQUEST['p'] = stripctl($_REQUEST['p']); + + if(isset($_REQUEST['authtok'])){ + // when an authentication token is given, trust the session diff -Nru dokuwiki-0.0.20120125b/debian/patches/fix_media_acl_bypass_CVE-2014-8762.diff dokuwiki-0.0.20120125b/debian/patches/fix_media_acl_bypass_CVE-2014-8762.diff --- dokuwiki-0.0.20120125b/debian/patches/fix_media_acl_bypass_CVE-2014-8762.diff 1970-01-01 01:00:00.000000000 +0100 +++ dokuwiki-0.0.20120125b/debian/patches/fix_media_acl_bypass_CVE-2014-8762.diff 2014-10-28 15:47:13.000000000 +0100 
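Review bot: The `stripctl()` cleaning added in auth_setup() only covers credentials that arrive through `$_REQUEST['u']` and `$_REQUEST['p']`. Any other caller that hands a user name or password to the auth backend would still pass control characters through; none is visible in this hunk, so it is worth confirming that every login path runs through these two lines. A password made up only of control characters becomes an empty string here, so the fix also depends on the external backend refusing an empty password, which the patch does not show. The comment could record the reason, e.g. `// apply cleaning: strip control chars (NUL bytes) before credentials reach external auth backends, CVE-2014-8763`. auth_setup() starts and ends outside the hunk.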
@@ -0,0 +1,63 @@ +From: Michael Hamann +Date: Wed, 25 Jun 2014 15:55:20 +0200 +Subject: Checks in the media manager ajax calls to prevent ACL bypass + + This should be superseded by a proper rewrite of the media manager code + (CVE-2014-8761, CVE-2014-8762) +Origin: backport, https://github.com/splitbrain/dokuwiki/commit/0a2ef7a346f2ad930c05a95b39bfd2f293796170 +Bug-Debian: http://bugs.debian.org/766545 +Last-Update: 2014-10-28 +--- + inc/template.php | 10 +++++----- + lib/exe/ajax.php | 2 +- + 2 files changed, 6 insertions(+), 6 deletions(-) + +Index: dokuwiki/inc/template.php +=================================================================== +--- dokuwiki.orig/inc/template.php ++++ dokuwiki/inc/template.php +@@ -1178,12 +1178,12 @@ function tpl_mediaFileList(){ + * @author Kate Arzamastseva + */ + function tpl_mediaFileDetails($image, $rev){ +- global $AUTH, $NS, $conf, $DEL, $lang; ++ global $conf, $DEL, $lang; + + $removed = (!file_exists(mediaFN($image)) && file_exists(mediaMetaFN($image, '.changes')) && $conf['mediarevisions']); + if (!$image || (!file_exists(mediaFN($image)) && !$removed) || $DEL) return ''; + if ($rev && !file_exists(mediaFN($image, $rev))) $rev = false; +- if (isset($NS) && getNS($image) != $NS) return ''; ++ $ns = getNS($image); + $do = $_REQUEST['mediado']; + + $opened_tab = $_REQUEST['tab_details']; +@@ -1219,13 +1219,13 @@ function tpl_mediaFileDetails($image, $r + echo '
'.NL; + + if ($opened_tab == 'view') { +- media_tab_view($image, $NS, $AUTH, $rev); ++ media_tab_view($image, $ns, null, $rev); + + } elseif ($opened_tab == 'edit' && !$removed) { +- media_tab_edit($image, $NS, $AUTH); ++ media_tab_edit($image, $ns); + + } elseif ($opened_tab == 'history' && $conf['mediarevisions']) { +- media_tab_history($image,$NS,$AUTH); ++ media_tab_history($image, $ns); + } + + echo '
'.NL; +Index: dokuwiki/lib/exe/ajax.php +=================================================================== +--- dokuwiki.orig/lib/exe/ajax.php ++++ dokuwiki/lib/exe/ajax.php +@@ -239,7 +239,7 @@ function ajax_mediadiff(){ + global $NS; + + if ($_REQUEST['image']) $image = cleanID($_REQUEST['image']); +- $NS = $_POST['ns']; ++ $NS = getNS($image); + $auth = auth_quickaclcheck("$ns:*"); + media_diff($image, $NS, $auth, true); + } diff -Nru dokuwiki-0.0.20120125b/debian/patches/series dokuwiki-0.0.20120125b/debian/patches/series --- dokuwiki-0.0.20120125b/debian/patches/series 2012-08-18 10:36:13.000000000 +0200 +++ dokuwiki-0.0.20120125b/debian/patches/series 2014-10-28 15:47:13.000000000 +0100 @@ -4,3 +4,5 @@ fhs.diff soften_email_validator.diff use_packaged_jquery.diff +fix_ldap_auth_bypass_CVE-2014-8763.diff +fix_media_acl_bypass_CVE-2014-8762.diff
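Review bot: In the lib/exe/ajax.php part, the ACL lookup still reads `auth_quickaclcheck("$ns:*")` while the namespace is now stored in `$NS`. PHP variable names are case-sensitive and no `$ns` is assigned in the visible lines of ajax_mediadiff(), so the permission passed to media_diff() appears to be computed for `:*` rather than for the image's namespace; the line should read `$auth = auth_quickaclcheck("$NS:*");`. `$image` is also only set when `$_REQUEST['image']` is non-empty, so an `$image = '';` default before the `if` would keep `getNS()` from receiving an undefined variable. In inc/template.php the tab helpers are now called with `null` or no permission argument, and they are not part of this patch, so the backport should be checked against the packaged media_tab_view(), media_tab_edit() and media_tab_history() to confirm they compute the ACL themselves.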