diff --git a/libcdio-0.82-sprintf.patch b/libcdio-0.82-sprintf.patch
new file mode 100644
index 0000000..cd2638b
--- /dev/null
+++ b/libcdio-0.82-sprintf.patch
@@ -0,0 +1,78 @@
+diff -up libcdio-0.82/lib/driver/MSWindows/win32_ioctl.c.sprintf libcdio-0.82/lib/driver/MSWindows/win32_ioctl.c
+--- libcdio-0.82/lib/driver/MSWindows/win32_ioctl.c.sprintf	2011-05-19 08:45:55.326672827 +0200
++++ libcdio-0.82/lib/driver/MSWindows/win32_ioctl.c	2011-05-19 08:46:00.008672826 +0200
+@@ -35,7 +35,7 @@ static const char _rcsid[] = "$Id: win32
+ #include "undocumented.h"
+ #define FORMAT_ERROR(i_err, psz_msg) \
+    psz_msg=(char *)LocalAlloc(LMEM_ZEROINIT, 255); \
+-   sprintf(psz_msg, "error file %s: line %d (%s) %d\n", 
++   sprintf(psz_msg, "error file %.100s: line %d (%.100s) %d\n", 
+ 	   _FILE__, __LINE__, __PRETTY_FUNCTION__, i_err)
+ #else
+ #include <ddk/ntddcdrm.h>
+diff -up libcdio-0.82/lib/driver/solaris.c.sprintf libcdio-0.82/lib/driver/solaris.c
+--- libcdio-0.82/lib/driver/solaris.c.sprintf	2011-05-19 08:47:40.862672799 +0200
++++ libcdio-0.82/lib/driver/solaris.c	2011-05-19 09:05:47.204672524 +0200
+@@ -1014,7 +1014,7 @@ cdio_get_devices_solaris (void)
+ 
+     /* Check if this is a directory, if so it's probably Solaris media */
+     if(S_ISDIR(st.st_mode)) {
+-      sprintf(volpath, "%s/s0", globbuf.gl_pathv[i]);
++      snprintf(volpath, 256, "%s/s0", globbuf.gl_pathv[i]);
+       if(stat(volpath, &st) == 0)
+         cdio_add_device_list(&drives, volpath, &i_files);
+ 	}else
+diff -up libcdio-0.82/src/cdda-player.c.sprintf libcdio-0.82/src/cdda-player.c
+--- libcdio-0.82/src/cdda-player.c.sprintf	2011-05-19 08:54:48.151672692 +0200
++++ libcdio-0.82/src/cdda-player.c	2011-05-19 08:59:29.486672620 +0200
+@@ -307,7 +307,7 @@ xperror(const char *psz_msg)
+   }
+   
+   if (b_verbose) {
+-    sprintf(line,"%s: %s", psz_msg, strerror(errno));
++    snprintf(line, 80, "%s: %s", psz_msg, strerror(errno));
+     attron(A_STANDOUT);
+     mvprintw(LINE_ACTION, 0, (char *) "error  : %s", line);
+     attroff(A_STANDOUT);
+@@ -715,7 +715,7 @@ display_status(bool b_status_only)
+   if (!b_interactive) return;
+ 
+   if (!b_cd) {
+-    sprintf(line,"no CD in drive (%s)", psz_device);
++    snprintf(line, 80, "no CD in drive (%s)", psz_device);
+ 
+   } else if (i_first_track == CDIO_CDROM_LEADOUT_TRACK) {
+     sprintf(line,"CD has only data tracks");
+@@ -725,7 +725,7 @@ display_status(bool b_status_only)
+     cdio_audio_get_volume(p_cdio, &audio_volume);
+     if (i_vol_port < 4) {
+ 	i_volume_level = rounded_div(audio_volume.level[i_vol_port]*100, 256);
+-	sprintf(line,
++	snprintf(line, 80,
+ 		"track %2d - %02x:%02x of %s (%02x:%02x abs) %s volume: %d",
+ 		sub.track, sub.rel_addr.m, sub.rel_addr.s, 
+ 		cd_info[sub.track].length,
+@@ -733,12 +733,12 @@ display_status(bool b_status_only)
+ 		mmc_audio_state2str(sub.audio_status),
+ 		i_volume_level);
+       } else 
+-	sprintf(line,"track %2d - %02x:%02x of %s (%02x:%02x abs) %s",
++	snprintf(line, 80, "track %2d - %02x:%02x of %s (%02x:%02x abs) %s",
+ 		sub.track, sub.rel_addr.m, sub.rel_addr.s,
+ 		cd_info[sub.track].length, sub.abs_addr.m, sub.abs_addr.s,
+ 		mmc_audio_state2str(sub.audio_status));
+   } else {
+-    sprintf(line,"%s", mmc_audio_state2str(sub.audio_status));
++    snprintf(line, 80, "%s", mmc_audio_state2str(sub.audio_status));
+     
+   }
+ 
+@@ -979,7 +979,7 @@ display_tracks(void)
+       s = cdio_audio_get_msf_seconds(&toc[i+1]) 
+ 	- cdio_audio_get_msf_seconds(&toc[i]);
+       read_subchannel(p_cdio);
+-      sprintf(line, "%2d  %02d:%02d  %s ", i, 
++      snprintf(line, 200, "%2d  %02d:%02d  %s ", i, 
+ 	      s / CDIO_CD_SECS_PER_MIN,  s % CDIO_CD_SECS_PER_MIN,
+ 	      ( ( sub.audio_status == CDIO_MMC_READ_SUB_ST_PLAY ||
+ 		  sub.audio_status == CDIO_MMC_READ_SUB_ST_PAUSED ) &&
diff --git a/libcdio.spec b/libcdio.spec
index 9a9e0b5..661d4da 100644
--- a/libcdio.spec
+++ b/libcdio.spec
@@ -1,6 +1,6 @@
 Name: libcdio
 Version: 0.82
-Release: 3%{?dist}
+Release: 4%{?dist}
 Summary: CD-ROM input and control library
 Group: System Environment/Libraries
 License: GPLv3+
@@ -9,6 +9,7 @@ Source0: http://ftp.gnu.org/gnu/libcdio/libcdio-0.82.tar.gz
 Source1: http://ftp.gnu.org/gnu/libcdio/libcdio-0.82.tar.gz.sig
 Source2: libcdio-no_date_footer.hml
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Patch1: libcdio-0.82-sprintf.patch
 BuildRequires: pkgconfig doxygen
 BuildRequires: ncurses-devel
 BuildRequires: help2man
@@ -35,6 +36,7 @@ This package contains header files and libraries for %{name}.
 
 %prep
 %setup -q
+%patch1 -p1 -b .sprintf
 
 f=src/cd-paranoia/doc/ja/cd-paranoia.1.in
 iconv -f euc-jp -t utf-8 -o $f.utf8 $f && mv $f.utf8 $f
@@ -131,6 +133,9 @@ fi
 
 
 %changelog
+* Thu May 19 2011 Honza Horak <hhorak@redhat.com> - 0.82-4
+- fixed #705673 buffer overflow and other unprotected sprintf calls
+
 * Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.82-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild