Author: Kees Cook <kees@debian.org>
Description: wctomb called with too small a buffer, patch originally taken from fedora (Closes: #497833).

--- a/transport.hxx
+++ b/transport.hxx
@@ -124,7 +124,7 @@
 extern "C" char *plusminus_locale()
 { static class __plusminus {
     private:
-	char str[4];
+	char str[MB_LEN_MAX];
     public:
 	__plusminus()	{   setlocale(LC_CTYPE,ENV_LOCALE);
 			    int l = wctomb(str,(wchar_t)(unsigned char)'±');