diff -Nru plymouth-0.9.0/debian/changelog plymouth-0.9.0/debian/changelog
--- plymouth-0.9.0/debian/changelog	2014-09-29 11:19:17.000000000 +0100
+++ plymouth-0.9.0/debian/changelog	2014-10-21 16:01:20.000000000 +0100
@@ -1,3 +1,12 @@
+plymouth (0.9.0-0ubuntu7) utopic; urgency=low
+
+  * d/p/ubuntu-fix-split-writes.patch -- avoid the client seeing
+    the beginning of our replies before the whole reply is ready for
+    consumption.  This avoids us aborting password lookups even though
+    they were correctly entered. (LP: #1362333)
+
+ -- Andy Whitcroft <apw@ubuntu.com>  Tue, 21 Oct 2014 12:55:18 +0100
+
 plymouth (0.9.0-0ubuntu6) utopic; urgency=medium
 
   * d/p/ubuntu-seat-terminal-may-be-null.patch -- check that the
diff -Nru plymouth-0.9.0/debian/patches/series plymouth-0.9.0/debian/patches/series
--- plymouth-0.9.0/debian/patches/series	2014-09-25 18:27:43.000000000 +0100
+++ plymouth-0.9.0/debian/patches/series	2014-10-21 15:55:39.000000000 +0100
@@ -18,3 +18,4 @@
 0008-show-delay.patch
 0001-Bump-point-release-and-ABI-versions-of-libraries.patch
 ubuntu-seat-terminal-may-be-null.patch
+ubuntu-fix-split-writes.patch
diff -Nru plymouth-0.9.0/debian/patches/ubuntu-fix-split-writes.patch plymouth-0.9.0/debian/patches/ubuntu-fix-split-writes.patch
--- plymouth-0.9.0/debian/patches/ubuntu-fix-split-writes.patch	1970-01-01 01:00:00.000000000 +0100
+++ plymouth-0.9.0/debian/patches/ubuntu-fix-split-writes.patch	2014-10-21 17:12:36.000000000 +0100
@@ -0,0 +1,104 @@
+Description: fix split writes for long server responces
+ The client is reading the servers repsonses in a non-blocking environment
+ and will not cope if the stream does not contain all of the expected data.
+ This leads it to read an "answer included" response and not find the expected
+ size.  Leading to unexpected command failures.
+ .
+ Guarentee the entire message is available by packing the various parts into
+ a buffer and submitting it as a single unit.  This will ensure as far as
+ possible that we will not get the first byte without the rest being present.
+ .
+ In a perfect world the consumer would cope with short buffers, and internally
+ buffer those until the remainder arrives.
+Author: Andy Whitcroft <apw@canonical.com>
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Bug-Ubuntu: https://launchpad.net/bugs/1362333
+Last-Update: 2014-10-21
+
+Index: plymouth-0.9.0/src/ply-boot-server.c
+===================================================================
+--- plymouth-0.9.0.orig/src/ply-boot-server.c	2014-10-21 16:13:12.806299479 +0100
++++ plymouth-0.9.0/src/ply-boot-server.c	2014-10-21 17:12:33.751957255 +0100
+@@ -263,17 +263,41 @@
+   return connection->uid == 0;
+ }
+ 
++uint8_t *
++ply_pack_uint32 (uint8_t *buffer,
++                 uint32_t value)
++{
++  buffer[0] = (value >> 0) & 0xFF;
++  buffer[1] = (value >> 8) & 0xFF;
++  buffer[2] = (value >> 16) & 0xFF;
++  buffer[3] = (value >> 24) & 0xFF;
++
++  return &buffer[4];
++}
++
++uint8_t *
++ply_pack_binary(uint8_t *buffer,
++               const void *value,
++               int length)
++{
++  memcpy(buffer, value, length);
++  return &buffer[length];
++}
++
+ static void
+ ply_boot_connection_send_answer (ply_boot_connection_t *connection,
+                                  const char            *answer)
+ {
+   uint32_t size;
++  uint8_t *b;
++  uint8_t *c;
+ 
+   /* splash plugin isn't able to ask for password,
+    * punt to client
+    */
+   if (answer == NULL)
+     {
++ err:
+       if (!ply_write (connection->fd,
+                       PLY_BOOT_PROTOCOL_RESPONSE_TYPE_NO_ANSWER,
+                       strlen (PLY_BOOT_PROTOCOL_RESPONSE_TYPE_NO_ANSWER)))
+@@ -283,15 +307,28 @@
+     {
+       size = strlen (answer);
+ 
+-      if (!ply_write (connection->fd,
+-                      PLY_BOOT_PROTOCOL_RESPONSE_TYPE_ANSWER,
+-                      strlen (PLY_BOOT_PROTOCOL_RESPONSE_TYPE_ANSWER)) ||
+-          !ply_write_uint32 (connection->fd,
+-                             size) ||
+-          !ply_write (connection->fd,
+-                      answer, size))
++      b = malloc(strlen(PLY_BOOT_PROTOCOL_RESPONSE_TYPE_ANSWER) +
++		 4 + size);
++      if (!b)
++        {
++          ply_trace ("could not create buffer for answer reply");
++          goto err;
++        }
++
++      /* Build a complete packet buffer. */
++      c = b;
++      c = ply_pack_binary(c, PLY_BOOT_PROTOCOL_RESPONSE_TYPE_ANSWER,
++             strlen (PLY_BOOT_PROTOCOL_RESPONSE_TYPE_ANSWER));
++      c = ply_pack_uint32(c, size);
++      c = ply_pack_binary(c, answer, size);
++
++      /* Write the reply as a single transaction so that we ensure the
++       * consumer cannot see the beginning without the remainder being
++       * available to read. */
++      if (!ply_write (connection->fd, b, c - b))
+           ply_trace ("could not finish writing answer: %m");
+ 
++      free(b);
+     }
+ 
+ }