Comment 9 for bug 287534

Scott Kitterman (kitterman) wrote :

Fix for 1.2.5 is based on upstream's suggestion about how to prevent the issue in a minimally invasive way. Upstream includes in 1.2.9 a test for this vulnerability in t/11. If vulnerable, the test will cause a segfault. NCommander verified for me that with these changes (he just tested Hardy, but it should be the same for all) it passes the test and fails without the update.