diff -Nru qtbase-opensource-src-5.4.1+dfsg/debian/changelog qtbase-opensource-src-5.4.1+dfsg/debian/changelog --- qtbase-opensource-src-5.4.1+dfsg/debian/changelog 2015-04-01 05:44:29.000000000 +0000 +++ qtbase-opensource-src-5.4.1+dfsg/debian/changelog 2015-04-07 10:43:41.000000000 +0000 @@ -1,4 +1,4 @@ -qtbase-opensource-src (5.4.1+dfsg-2ubuntu6) vivid; urgency=medium +qtbase-opensource-src (5.4.1+dfsg-2ubuntu7~vivid1~test1) vivid; urgency=medium * Patches for fixing DBus behavior (LP: #1421009): - debian/patches/Implement-the-blocking-QtDBus-call-in-terms-of-the-n.patch @@ -17,6 +17,7 @@ - debian/patches/Make-QDBusConnectionPrivate-getNameOwnerNoCache-work.patch - debian/patches/Bypass-connectSignal-for-receiving-the-NameOwnerChan.patch - debian/patches/Make-sure-we-don-t-deadlock-when-connecting-signals.patch + - debian/patches/Fix-undefined-behavior-accessing-an-object-after-des.patch -- Timo Jyrinki Wed, 01 Apr 2015 05:44:19 +0000 @@ -626,7 +627,7 @@ -- Timo Jyrinki Thu, 05 Jun 2014 04:28:02 +0000 -qtbase-opensource-src (5.3.0+dfsg-3) UNRELEASED; urgency=medium +qtbase-opensource-src (5.3.0+dfsg-3~vivid1~test1) vivid; urgency=medium [ Lisandro Damián Nicanor Pérez Meyer ] * Search for private symbols at build time and produce a diff so as to be diff -Nru qtbase-opensource-src-5.4.1+dfsg/debian/patches/Fix-undefined-behavior-accessing-an-object-after-des.patch qtbase-opensource-src-5.4.1+dfsg/debian/patches/Fix-undefined-behavior-accessing-an-object-after-des.patch --- qtbase-opensource-src-5.4.1+dfsg/debian/patches/Fix-undefined-behavior-accessing-an-object-after-des.patch 1970-01-01 00:00:00.000000000 +0000 +++ qtbase-opensource-src-5.4.1+dfsg/debian/patches/Fix-undefined-behavior-accessing-an-object-after-des.patch 2015-04-07 10:43:41.000000000 +0000 
@@ -0,0 +1,59 @@
+From 7468ddb6018467b628d28814216da35fc602c31a Mon Sep 17 00:00:00 2001
+From: Thiago Macieira
+Date: Fri, 3 Apr 2015 22:21:08 -0700
+Subject: [PATCH] Fix undefined behavior: accessing an object after destruction
+
+QDBusConnectionPrivate keeps a pointer to a QDBusConnectionInteface,
+which in turn holds a reference back to that QDBusConnectionPrivate.
+During the interface object's destruction, the QDBusAbstractInterface's
+destructor checks if the interface is still valid. That access is
+undefined behavior, but has so far been benign in all our uses since
+the memory had not yet been freed (just destroyed) and the reference
+count went from 0 to -1.
+
+To be on the safe side, we destroy now the QDBusConnectionInterface
+object while the Private is still valid. It will bring the reference
+count down from 0 to a negative number, but won't cause any other
+effects.
+
+Change-Id: I9a75ad8521ae4e5cbbe5ffff13d1b80057e13809
+---
+ src/dbus/qdbusintegrator.cpp | 9 +++++++++
+ src/dbus/qdbusserver.cpp | 1 +
+ 2 files changed, 10 insertions(+)
+
+diff --git a/src/dbus/qdbusintegrator.cpp b/src/dbus/qdbusintegrator.cpp
+index 3d14b2b..a87d843 100644
+--- a/src/dbus/qdbusintegrator.cpp
++++ b/src/dbus/qdbusintegrator.cpp
+@@ -984,6 +984,15 @@ QDBusConnectionPrivate::~QDBusConnectionPrivate()
+ "Timer and socket errors will follow and the program will probably crash",
+ qPrintable(name));
+
++ if (mode == ClientMode) {
++ // the bus service object holds a reference back to us;
++ // we need to destroy it before we finish destroying ourselves
++ Q_ASSERT(ref.load() == 0);
++ QObject *obj = (QObject *)busService;
++ disconnect(obj, Q_NULLPTR, this, Q_NULLPTR);
++ delete obj;
++ }
++
+ closeConnection();
+ rootNode.children.clear(); // free resources
+ qDeleteAll(cachedMetaObjects);
+diff --git a/src/dbus/qdbusserver.cpp b/src/dbus/qdbusserver.cpp
+index 85ebb98..a0b2c82 100644
+--- a/src/dbus/qdbusserver.cpp
++++ b/src/dbus/qdbusserver.cpp
+@@ -114,6 +114,7
@@ QDBusServer::~QDBusServer()
+ }
+ d->serverConnectionNames.clear();
+ }
++ d->ref.store(0);
+ d->deleteLater();
+ }
+
+--
+2.1.4
+
diff -Nru qtbase-opensource-src-5.4.1+dfsg/debian/patches/series qtbase-opensource-src-5.4.1+dfsg/debian/patches/series
--- qtbase-opensource-src-5.4.1+dfsg/debian/patches/series 2015-04-01 05:44:29.000000000 +0000
+++ qtbase-opensource-src-5.4.1+dfsg/debian/patches/series 2015-04-07 10:43:41.000000000 +0000
@@ -45,3 +45,4 @@
 Make-QDBusConnectionPrivate-getNameOwnerNoCache-work.patch
 Bypass-connectSignal-for-receiving-the-NameOwnerChan.patch
 Make-sure-we-don-t-deadlock-when-connecting-signals.patch
+Fix-undefined-behavior-accessing-an-object-after-des.patch
diff -Nru qtbase-opensource-src-5.4.1+dfsg/debian/patches/Use-a-dedicated-thread-for-handling-incoming-libdbus.patch qtbase-opensource-src-5.4.1+dfsg/debian/patches/Use-a-dedicated-thread-for-handling-incoming-libdbus.patch
--- qtbase-opensource-src-5.4.1+dfsg/debian/patches/Use-a-dedicated-thread-for-handling-incoming-libdbus.patch 2015-04-01 05:44:29.000000000 +0000
+++ qtbase-opensource-src-5.4.1+dfsg/debian/patches/Use-a-dedicated-thread-for-handling-incoming-libdbus.patch 2015-04-07 10:43:41.000000000 +0000
@@ -1,4 +1,4 @@
-From 820669776945404faf285e6d1c12f909cbb43f3d Mon Sep 17 00:00:00 2001
+From 08e4a8f7b0c5bf9a761c84b61c3860e1b31a2ea0 Mon Sep 17 00:00:00 2001
 From: Thiago Macieira
 Date: Mon, 29 Dec 2014 11:35:36 -0200
 Subject: [PATCH] Use a dedicated thread for handling incoming libdbus-1 events
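Review bot: In the added `~QDBusConnectionPrivate()` block the only check on the reference count is `Q_ASSERT(ref.load() == 0);`, which compiles to nothing in release builds, so a destructor entered while other holders still exist would go on to `delete obj` with no diagnostic at all; a `qWarning` on a non-zero count would keep that lifetime bug visible in production. The block also hands `busService` to `disconnect()` unconditionally; if a ClientMode connection can be destroyed before `setBusService()` has run (not visible in this hunk), Qt reports a null-parameter warning there, and wrapping the three lines in `if (busService) { ... }` avoids it. The C-style cast `(QObject *)busService` deserves a one-line comment saying why a named cast is not used, presumably because the interface type is incomplete at this point. In `~QDBusServer()`, `d->ref.store(0);` overwrites the count regardless of its value, so a comment stating that no other owner of `d` can exist at that point would record the invariant the store relies on. Both destructors begin outside their hunks.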
@@ -25,25 +25,17 @@ Task-number: QTBUG-43585 Change-Id: Ic5d393bfd36e48a193fcffff13b737556ccd11a8 --- - src/dbus/qdbusconnection.cpp | 56 ++++++++++++---------- - src/dbus/qdbusconnectionmanager_p.h | 11 ++++- + src/dbus/qdbusconnection.cpp | 58 ++++++++++++---------- + src/dbus/qdbusconnectionmanager_p.h | 11 +++- src/dbus/qdbusintegrator.cpp | 12 ++--- src/dbus/qdbusserver.cpp | 6 ++- - .../dbus/qdbuspendingcall/tst_qdbuspendingcall.cpp | 33 +------------ - 5 files changed, 48 insertions(+), 70 deletions(-) + .../dbus/qdbuspendingcall/tst_qdbuspendingcall.cpp | 33 +----------- + 5 files changed, 50 insertions(+), 70 deletions(-) diff --git a/src/dbus/qdbusconnection.cpp b/src/dbus/qdbusconnection.cpp -index bd765a3..44e5f62 100644 +index bd765a3..8ac47a5 100644 --- a/src/dbus/qdbusconnection.cpp +++ b/src/dbus/qdbusconnection.cpp -@@ -1,6 +1,7 @@ - /**************************************************************************** - ** - ** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). -+** Copyright (C) 2015 Intel Corporation. - ** Contact: http://www.qt-project.org/legal - ** - ** This file is part of the QtDBus module of the Qt Toolkit. @@ -77,17 +78,16 @@ void QDBusConnectionManager::removeConnection(const QString &name) // ### Output a warning if connections are being used after they have been removed. } @@ -70,7 +62,7 @@ } QDBusConnectionManager* QDBusConnectionManager::instance() -@@ -106,6 +106,23 @@ void QDBusConnectionManager::setConnection(const QString &name, QDBusConnectionP +@@ -106,6 +106,25 @@ void QDBusConnectionManager::setConnection(const QString &name, QDBusConnectionP c->name = name; } 
@@ -83,10 +75,12 @@ + for (QHash::const_iterator it = connectionHash.constBegin(); + it != connectionHash.constEnd(); ++it) { + QDBusConnectionPrivate *d = it.value(); -+ if (d->ref.deref()) ++ if (!d->ref.deref()) { + delete d; -+ else ++ } else { + d->closeConnection(); ++ d->moveToThread(Q_NULLPTR); // allow it to be deleted in another thread ++ } + } + connectionHash.clear(); +} @@ -94,7 +88,7 @@ /*! \class QDBusConnection \inmodule QtDBus -@@ -295,8 +312,6 @@ QDBusConnection &QDBusConnection::operator=(const QDBusConnection &other) +@@ -295,8 +314,6 @@ QDBusConnection &QDBusConnection::operator=(const QDBusConnection &other) */ QDBusConnection QDBusConnection::connectToBus(BusType type, const QString &name) { @@ -103,7 +97,7 @@ if (!qdbus_loadLibDBus()) { QDBusConnectionPrivate *d = 0; return QDBusConnection(d); -@@ -331,6 +346,7 @@ QDBusConnection QDBusConnection::connectToBus(BusType type, const QString &name) +@@ -331,6 +348,7 @@ QDBusConnection QDBusConnection::connectToBus(BusType type, const QString &name) // create the bus service // will lock in QDBusConnectionPrivate::connectRelay() d->setBusService(retval); @@ -111,7 +105,7 @@ return retval; } -@@ -342,8 +358,6 @@ QDBusConnection QDBusConnection::connectToBus(BusType type, const QString &name) +@@ -342,8 +360,6 @@ QDBusConnection QDBusConnection::connectToBus(BusType type, const QString &name) QDBusConnection QDBusConnection::connectToBus(const QString &address, const QString &name) { @@ -120,7 +114,7 @@ if (!qdbus_loadLibDBus()) { QDBusConnectionPrivate *d = 0; return QDBusConnection(d); -@@ -373,6 +387,7 @@ QDBusConnection QDBusConnection::connectToBus(const QString &address, +@@ -373,6 +389,7 @@ QDBusConnection QDBusConnection::connectToBus(const QString &address, // create the bus service // will lock in QDBusConnectionPrivate::connectRelay() d->setBusService(retval); 
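Review bot: In the rewritten loop the still-referenced branch calls `d->moveToThread(Q_NULLPTR)`, which leaves the object without thread affinity, and the comment only says this allows deletion from another thread. An object with no thread stops receiving posted events, so an owner that later releases it with `deleteLater()` (the pattern `~QDBusServer()` uses for its own `d` elsewhere in this debdiff; whether that object passes through this loop is not visible) would presumably never see it destroyed. Confirm that the last owner deletes directly, and record the requirement in the comment, e.g. `// no thread affinity from here on: the last owner must delete directly, a deferred delete would not be delivered`. The enclosing function starts and ends outside the hunk.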
@@ -128,7 +122,7 @@ return retval; } -@@ -385,8 +400,6 @@ QDBusConnection QDBusConnection::connectToBus(const QString &address, +@@ -385,8 +402,6 @@ QDBusConnection QDBusConnection::connectToBus(const QString &address, QDBusConnection QDBusConnection::connectToPeer(const QString &address, const QString &name) { @@ -137,7 +131,7 @@ if (!qdbus_loadLibDBus()) { QDBusConnectionPrivate *d = 0; return QDBusConnection(d); -@@ -405,6 +418,7 @@ QDBusConnection QDBusConnection::connectToPeer(const QString &address, +@@ -405,6 +420,7 @@ QDBusConnection QDBusConnection::connectToPeer(const QString &address, d->setPeer(c, error); _q_manager()->setConnection(name, d); @@ -145,7 +139,7 @@ QDBusConnection retval(d); -@@ -1061,16 +1075,7 @@ class QDBusDefaultConnection: public QDBusConnection +@@ -1061,16 +1077,7 @@ class QDBusDefaultConnection: public QDBusConnection public: inline QDBusDefaultConnection(BusType type, const char *name) : QDBusConnection(connectToBus(type, QString::fromLatin1(name))), ownName(name) @@ -163,7 +157,7 @@ inline ~QDBusDefaultConnection() { disconnectFromBus(QString::fromLatin1(ownName)); } -@@ -1125,6 +1130,7 @@ QDBusConnection QDBusConnection::sender() +@@ -1125,6 +1132,7 @@ QDBusConnection QDBusConnection::sender() */ void QDBusConnectionPrivate::setBusService(const QDBusConnection &connection) { @@ -175,14 +169,6 @@ index fc0bb51..5b07769 100644 --- a/src/dbus/qdbusconnectionmanager_p.h +++ b/src/dbus/qdbusconnectionmanager_p.h -@@ -1,6 +1,7 @@ - /**************************************************************************** - ** - ** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). -+** Copyright (C) 2015 Intel Corporation. - ** Contact: http://www.qt-project.org/legal - ** - ** This file is part of the QtDBus module of the Qt Toolkit. @@ -47,15 +48,17 @@ #define QDBUSCONNECTIONMANAGER_P_H 
@@ -203,7 +189,7 @@ ~QDBusConnectionManager(); static QDBusConnectionManager* instance(); -@@ -67,6 +67,10 @@ +@@ -64,6 +67,10 @@ public: void setSender(const QDBusConnectionPrivate *s); mutable QMutex mutex; @@ -288,14 +274,6 @@ index 9c334f7..cc12ef8 100644 --- a/tests/auto/dbus/qdbuspendingcall/tst_qdbuspendingcall.cpp +++ b/tests/auto/dbus/qdbuspendingcall/tst_qdbuspendingcall.cpp -@@ -1,6 +1,7 @@ - /**************************************************************************** - ** - ** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). -+** Copyright (C) 2015 Intel Corporation. - ** Contact: http://www.qt-project.org/legal - ** - ** This file is part of the test suite of the Qt Toolkit. @@ -172,10 +173,6 @@ QDBusPendingCall tst_QDBusPendingCall::sendError() void tst_QDBusPendingCall::waitForFinished() {