diff -ruN libjs-swfupload_2.2.0.1+ds1.orig/fink/patches/fix-CVE-2012-2399-xss.patch libjs-swfupload_2.2.0.1+ds1/fink/patches/fix-CVE-2012-2399-xss.patch
--- libjs-swfupload_2.2.0.1+ds1.orig/fink/patches/fix-CVE-2012-2399-xss.patch	1969-12-31 17:00:00.000000000 -0700
+++ libjs-swfupload_2.2.0.1+ds1/fink/patches/fix-CVE-2012-2399-xss.patch	2013-05-06 11:11:43.000000000 -0600
@@ -0,0 +1,11 @@
+diff -ruN libjs-swfupload_2.2.0.1+ds1.orig/Flash/SWFUpload.as libjs-swfupload_2.2.0.1+ds1.patched/Flash/SWFUpload.as
+--- libjs-swfupload_2.2.0.1+ds1.orig/Flash/SWFUpload.as	2009-03-27 04:15:10.000000000 -0600
++++ libjs-swfupload_2.2.0.1+ds1.patched/Flash/SWFUpload.as	2013-05-06 11:11:27.000000000 -0600
+@@ -232,6 +232,7 @@
+ 			
+ 			// Get the movie name
+ 			this.movieName = root.loaderInfo.parameters.movieName;
++			this.movieName = this.movieName.replace(/[^a-zA-Z0-9\_\.\-]/g, "");
+ 
+ 			// **Configure the callbacks**
+ 			// The JavaScript tracks all the instances of SWFUpload on a page.  We can access the instance
diff -ruN libjs-swfupload_2.2.0.1+ds1.orig/fink/patches/fix-externalcall.patch libjs-swfupload_2.2.0.1+ds1/fink/patches/fix-externalcall.patch
--- libjs-swfupload_2.2.0.1+ds1.orig/fink/patches/fix-externalcall.patch	1969-12-31 17:00:00.000000000 -0700
+++ libjs-swfupload_2.2.0.1+ds1/fink/patches/fix-externalcall.patch	2013-05-06 11:13:28.000000000 -0600
@@ -0,0 +1,19 @@
+diff -ruN libjs-swfupload_2.2.0.1+ds1.orig/Flash/ExternalCall.as libjs-swfupload_2.2.0.1+ds1.patched/Flash/ExternalCall.as
+--- libjs-swfupload_2.2.0.1+ds1.orig/Flash/ExternalCall.as	2009-03-27 04:16:56.000000000 -0600
++++ libjs-swfupload_2.2.0.1+ds1.patched/Flash/ExternalCall.as	2013-05-06 11:13:00.000000000 -0600
+@@ -99,7 +99,7 @@
+ 		}
+ 		
+ 		private static function EscapeString(message:String):String {
+-			var replacePattern:RegExp = /\\/g; //new RegExp("/\\/", "g");
++			var replacePattern:RegExp = /\\/g;
+ 			return message.replace(replacePattern, "\\\\");
+ 		}
+ 		private static function EscapeArray(message_array:Array):Array {
+@@ -118,4 +118,4 @@
+ 		}
+ 
+ 	}
+-}
+\ No newline at end of file
++}