diff --git a/libwmf-0.2.8.4-intoverflow.patch b/libwmf-0.2.8.4-intoverflow.patch
new file mode 100644
index 0000000..c50b88f
--- /dev/null
+++ b/libwmf-0.2.8.4-intoverflow.patch
@@ -0,0 +1,27 @@
+--- libwmf-0.2.8.4.orig/src/player.c	2002-12-10 19:30:26.000000000 +0000
++++ libwmf-0.2.8.4/src/player.c	2006-07-12 15:12:52.000000000 +0100
+@@ -42,6 +42,7 @@
+ #include "player/defaults.h" /* Provides: default settings               */
+ #include "player/record.h"   /* Provides: parameter mechanism            */
+ #include "player/meta.h"     /* Provides: record interpreters            */
++#include <stdint.h>
+ 
+ /**
+  * @internal
+@@ -132,8 +134,14 @@
+ 		}
+ 	}
+ 
+-/*	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char));
+- */	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) * 2 * sizeof (unsigned char));
++	if (MAX_REC_SIZE(API) > SIZE_MAX / 2)
++	{
++		API->err = wmf_E_InsMem;
++		WMF_DEBUG (API,"bailing...");
++		return (API->err);
++	}
++	
++ 	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) * 2);
+ 
+ 	if (ERR (API))
+ 	{	WMF_DEBUG (API,"bailing...");
diff --git a/libwmf.spec b/libwmf.spec
index 85eea7c..24461e2 100644
--- a/libwmf.spec
+++ b/libwmf.spec
@@ -1,7 +1,7 @@
 Summary: Windows Metafile Library
 Name: libwmf
 Version: 0.2.8.4
-Release: 8
+Release: 9
 Group: System Environment/Libraries
 License: LGPL
 Source: http://prdownloads.sourceforge.net/wvware/%{name}-%{version}.tar.gz
@@ -11,6 +11,7 @@ Patch1: libwmf-0.2.8.3-relocatablefonts.patch
 Patch2: libwmf-0.2.8.4-fallbackfont.patch
 Patch3: libwmf-0.2.8.4-deps.patch
 Patch4: libwmf-0.2.8.4-multiarchdevel.patch
+Patch5: libwmf-0.2.8.4-intoverflow.patch
 Requires: gtk2 >= 2.9.0
 Requires: libxml2 >= 2.6.8
 Requires: gd >= 2.0.21
@@ -48,6 +49,7 @@ Libraries, headers, and support files necessary to compile applications using li
 %patch2 -p1 -b .fallbackfont
 %patch3 -p1 -b .deps
 %patch4 -p1 -b .multiarchdevel
+%patch5 -p1 -b .intoverflow
 
 %build
 rm configure.ac
@@ -105,6 +107,9 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/gtk-2.0/*/loaders/*.la
 rm -r $RPM_BUILD_ROOT
 
 %changelog
+* Wed Jul 12 2006 Caolan McNamara <caolanm@redhat.com> 0.2.8.4-9
+- CVE-2006-3376 libwmf integer overflow
+
 * Tue May 16 2006 Caolan McNamara <caolanm@redhat.com> 0.2.8.4-8
 - rh#191971# BuildRequires