Version 1.8.6.36-1ubuntu3.2: 

  * SECURITY UPDATE: denial of service or arbitrary code execution via
    integer overflows and memory corruption
  * debian/patches/102_CVE-2008-2662+2663+2664+2725+2726.dpatch: update
    array.c to properly validate the size of an array. Update string.c and
    sprintf.c for proper bounds checking
  * References:
    CVE-2008-2662
    CVE-2008-2663
    CVE-2008-2664
    CVE-2008-2725
    CVE-2008-2726
    LP: #241657