diff --git a/ecryptfs-utils.security.patch b/ecryptfs-utils.security.patch index 30cda60..e4c7983 100644 --- a/ecryptfs-utils.security.patch +++ b/ecryptfs-utils.security.patch @@ -2,7 +2,7 @@ Index: ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c =================================================================== --- ecryptfs-utils-96.orig/src/pam_ecryptfs/pam_ecryptfs.c +++ ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c -@@ -37,6 +37,8 @@ +@@ -37,8 +37,11 @@ #include #include #include @@ -10,8 +10,11 @@ Index: ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c +#include #include #include ++#include #include "../include/ecryptfs.h" -@@ -119,7 +120,8 @@ static int wrap_passphrase_if_necessary( + + #define PRIVATE_DIR "Private" +@@ -119,9 +122,9 @@ static int wrap_passphrase_if_necessary( PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) { @@ -19,9 +22,11 @@ Index: ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c + uid_t uid = 0, oeuid = 0; + gid_t gid = 0, oegid = 0; char *homedir = NULL; - uid_t saved_uid = 0; +- uid_t saved_uid = 0; const char *username; -@@ -139,12 +141,24 @@ PAM_EXTERN int pam_sm_authenticate(pam_h + char *passphrase = NULL; + char salt[ECRYPTFS_SALT_SIZE]; +@@ -139,12 +142,24 @@ PAM_EXTERN int pam_sm_authenticate(pam_h pwd = getpwnam(username); if (pwd) { uid = pwd->pw_uid; @@ -46,7 +51,7 @@ Index: ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c if (!file_exists_dotecryptfs(homedir, "auto-mount")) goto out; private_mnt = ecryptfs_fetch_private_mnt(homedir); -@@ -158,13 +172,10 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -158,13 +173,10 @@ PAM_EXTERN int pam_sm_authenticate(pam_h load ecryptfs module if not loaded already */ if (ecryptfs_get_version(&version) != 0) syslog(LOG_WARNING, "pam_ecryptfs: Can't check if kernel supports ecryptfs\n"); 
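Review bot: In the `@@ -19,9 +22,11 @@` hunk, once `saved_uid` is dropped the declarations read `uid_t uid = 0, oeuid = 0;` and `gid_t gid = 0, oegid = 0;`, and the only assignment visible nearby sits inside `if (pwd) {`, so a failed `getpwnam()` leaves all four ids at 0, which is root. Whatever code consumes these ids lies outside the visible hunks, so this may already be handled. It is still worth confirming that a NULL `pwd` bails out before `uid`/`gid` are used for any credential change, and recording that at the declaration, e.g. `/* 0 is a placeholder only; never switch credentials unless getpwnam() succeeded */`. The same declarations and `if (pwd)` guard appear in the `pam_sm_chauthtok` hunk (`@@ -121,8 +126,10 @@`).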
@@ -60,7 +65,7 @@ Index: ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c if (rc != PAM_SUCCESS) { syslog(LOG_ERR, "pam_ecryptfs: Error retrieving passphrase; rc = [%ld]\n", rc); -@@ -182,7 +193,11 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -182,7 +194,11 @@ PAM_EXTERN int pam_sm_authenticate(pam_h } else from_hex(salt, salt_hex, ECRYPTFS_SALT_SIZE); if ((child_pid = fork()) == 0) { @@ -73,7 +78,7 @@ Index: ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c if (passphrase == NULL) { syslog(LOG_ERR, "pam_ecryptfs: NULL passphrase; aborting\n"); rc = -EINVAL; -@@ -240,6 +255,11 @@ out_child: +@@ -240,6 +256,11 @@ out_child: if (tmp_pid == -1) syslog(LOG_WARNING, "pam_ecryptfs: waitpid() returned with error condition\n"); out: @@ -85,7 +90,7 @@ Index: ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c if (private_mnt != NULL) free(private_mnt); return PAM_SUCCESS; -@@ -338,8 +358,12 @@ static int private_dir(pam_handle_t *pam +@@ -338,8 +359,12 @@ static int private_dir(pam_handle_t *pam syslog(LOG_DEBUG, "pam_ecryptfs: Skipping automatic eCryptfs mount"); return 0; } @@ -99,7 +104,7 @@ Index: ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c execl("/sbin/mount.ecryptfs_private", "mount.ecryptfs_private", NULL); } else { -@@ -348,8 +372,12 @@ static int private_dir(pam_handle_t *pam +@@ -348,8 +373,12 @@ static int private_dir(pam_handle_t *pam syslog(LOG_DEBUG, "pam_ecryptfs: Skipping automatic eCryptfs unmount"); return 0; } @@ -113,7 +118,7 @@ Index: ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c execl("/sbin/umount.ecryptfs_private", "umount.ecryptfs_private", NULL); } -@@ -391,7 +419,8 @@ pam_sm_close_session(pam_handle_t *pamh, +@@ -391,9 +420,9 @@ pam_sm_close_session(pam_handle_t *pamh, PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv) { 
@@ -121,8 +126,10 @@ Index: ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c + uid_t uid = 0, oeuid = 0; + gid_t gid = 0, oegid = 0; char *homedir = NULL; - uid_t saved_uid = 0; +- uid_t saved_uid = 0; const char *username; + char *old_passphrase = NULL; + char *new_passphrase = NULL; @@ -411,6 +440,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand pwd = getpwnam(username); if (pwd) { @@ -206,6 +213,15 @@ Index: ecryptfs-utils-96/src/utils/mount.ecryptfs_private.c =================================================================== --- ecryptfs-utils-96.orig/src/utils/mount.ecryptfs_private.c +++ ecryptfs-utils-96/src/utils/mount.ecryptfs_private.c +@@ -302,7 +302,7 @@ int update_mtab(char *dev, char *mnt, ch + goto fail_early; + } + +- while (old_ent = getmntent(old_mtab)) { ++ while ((old_ent = getmntent(old_mtab))) { + if (addmntent(new_mtab, old_ent) != 0) { + perror("addmntent"); + goto fail; @@ -535,6 +535,11 @@ int main(int argc, char *argv[]) { exit(1); }
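Review bot: The doubled parentheses in `while ((old_ent = getmntent(old_mtab))) {` (the new `update_mtab` hunk) only quiet the compiler's assignment-in-condition warning and leave the intent implicit. An explicit comparison is equally warning-free and easier to read: `while ((old_ent = getmntent(old_mtab)) != NULL) {`. This looks like a cleanup rather than a security fix, so a short comment above the hunk saying so, or a separate patch, would keep the security patch easier to audit. The loop body continues outside the hunk.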