- fix security vulnerability that allowed arbitrary system memory access (CVE-2012-0946, patch provided by upstream)