diff -Nru network-manager-0.9.10.0/debian/changelog network-manager-0.9.10.0/debian/changelog
--- network-manager-0.9.10.0/debian/changelog 2015-04-17 16:26:05.000000000 +0000
+++ network-manager-0.9.10.0/debian/changelog 2015-04-28 11:09:37.000000000 +0000
@@ -1,3 +1,13 @@
+network-manager (0.9.10.0-4ubuntu15.1) vivid-security; urgency=medium
+
+ * SECURITY UPDATE: directory traversal issue resulting in connection
+ modification and possible arbitrary file disclosure (LP: #1449245)
+ - debian/patches/CVE-2015-1322.patch: strip slashes from filename
+ in src/settings/plugins/ofono/plugin.c.
+ - CVE-2015-1322
+
+ -- Marc Deslauriers Tue, 28 Apr 2015 07:06:00 -0400
+
 network-manager (0.9.10.0-4ubuntu15) vivid; urgency=medium
 
 * debian/patches/dont_mangle_bridges.patch: reinstate code to avoid mangling
diff -Nru network-manager-0.9.10.0/debian/patches/CVE-2015-1322.patch network-manager-0.9.10.0/debian/patches/CVE-2015-1322.patch
--- network-manager-0.9.10.0/debian/patches/CVE-2015-1322.patch 1970-01-01 00:00:00.000000000 +0000
+++ network-manager-0.9.10.0/debian/patches/CVE-2015-1322.patch 2015-04-28 11:36:48.000000000 +0000
@@ -0,0 +1,27 @@
+Description: fix directory traversal issue resulting in connection
+ modification and possible arbitrary file disclosure
+Author: Mathieu Trudel-Lapierre
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1449245
+
+Index: network-manager-0.9.10.0/src/settings/plugins/ofono/plugin.c
+===================================================================
+--- network-manager-0.9.10.0.orig/src/settings/plugins/ofono/plugin.c 2015-04-27 16:22:21.000000000 -0400
++++ network-manager-0.9.10.0/src/settings/plugins/ofono/plugin.c 2015-04-28 07:05:51.388669179 -0400
+@@ -179,6 +179,9 @@
+ GKeyFile *keyfile = NULL;
+ GError *tmp_error = NULL;
+ 
++ if (g_strstr_len (imsi, -1, "/") != NULL)
++ goto patherror;
++
+ imsi_path = g_strdup_printf (OFONO_CONFIG_DIR "/%s", imsi);
+ imsi_dir = g_dir_open (imsi_path, 0, NULL);
+ 
+@@ -246,6 +249,7 @@
+ return TRUE;
+ }
+ 
++patherror:
+ if (tmp_error) {
+ g_propagate_error (error, tmp_error);
+ g_clear_error (&tmp_error);
diff -Nru network-manager-0.9.10.0/debian/patches/series network-manager-0.9.10.0/debian/patches/series
--- network-manager-0.9.10.0/debian/patches/series 2015-04-17 16:26:05.000000000 +0000
+++ network-manager-0.9.10.0/debian/patches/series 2015-04-28 11:05:41.000000000 +0000
@@ -67,3 +67,4 @@
 # killswitch
 ignore_rfkill_if_urfkill_is_present.patch
+CVE-2015-1322.patch
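Review bot: The added `g_strstr_len (imsi, -1, "/")` check in CVE-2015-1322.patch rejects only a slash, so an `imsi` of `..` or `.` (or an empty string) still reaches `g_strdup_printf (OFONO_CONFIG_DIR "/%s", imsi)` and resolves to the configuration directory's parent or to the directory itself. An IMSI is a short string of decimal digits, so an allowlist is tighter than a denylist here, for example `if (imsi == NULL || *imsi == '\0' || strspn (imsi, "0123456789") != strlen (imsi)) goto patherror;`. The jump is also taken while `tmp_error` is still NULL, so the `patherror:` block propagates nothing; if the code after the label returns failure, the caller gets no GError and nothing is logged about the rejected value, so it would help to `g_set_error (&tmp_error, ...)` in the function's existing error domain before the `goto`. The enclosing function begins and ends outside both inner hunks, so the return path after `patherror:` is inferred rather than visible.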