here is a patch based on jason's work, with some more improvements. This patch applies against the current dotconf packaging in Debian unstable.
Jason, if you could possibly test this on your system, that would be appreciated, as I currently don't have an unstable system set up right now.
dotconf-1.3/debian/changelog dotconf-1.3/debian/compat dotconf-1.3/debian/control dotconf-1.3/debian/copyright dotconf-1.3/debian/docs dotconf-1.3/debian/dotconf-config.1 dotconf-1.3/debian/libdotconf0.install dotconf-1.3/debian/libdotconf0.symbols dotconf-1.3/debian/libdotconf1.0.files dotconf-1.3/debian/libdotconf1.0.postinst dotconf-1.3/debian/libdotconf-dev.docs dotconf-1.3/debian/libdotconf-dev.install dotconf-1.3/debian/libdotconf-dev.manpages dotconf-1.3/debian/patches/0001-fix-possible-buffer-overflow-in-get_path.patch dotconf-1.3/debian/patches/series dotconf-1.3/debian/rules dotconf-1.3/debian/source/format
