diff --git a/CVE-2017-9865.patch b/CVE-2017-9865.patch
new file mode 100644
index 0000000..b04dd30
--- /dev/null
+++ b/CVE-2017-9865.patch
@@ -0,0 +1,57 @@
+From 559c95f3bf073eafff9b69219b3e8a12cb6b0d57 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?=
+Date: Wed, 12 Jul 2017 14:12:46 +0100
+Subject: [PATCH] CVE-2017-9865 (fdo#100774) avoid stack buffer overflow
+
+in GfxImageColorMap:getGray
+
+by passing first arg to getGray of maximum possibly required size
+
+and similar in HtmlOutputDev::drawPngImage
+---
+ utils/HtmlOutputDev.cc | 5 +++--
+ utils/ImageOutputDev.cc | 5 +++--
+ 2 files changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/utils/HtmlOutputDev.cc b/utils/HtmlOutputDev.cc
+index 5f5dc9f..f418b3d 100644
+--- a/utils/HtmlOutputDev.cc
++++ b/utils/HtmlOutputDev.cc
+@@ -1433,8 +1433,9 @@ void HtmlOutputDev::drawPngImage(GfxState *state, Stream *str, int width, int he
+ int invert_bits = 0xff;
+ if (colorMap) {
+ GfxGray gray;
+- Guchar zero = 0;
+- colorMap->getGray(&zero, &gray);
++ Guchar zero[gfxColorMaxComps];
++ memset(zero, 0, sizeof(zero));
++ colorMap->getGray(zero, &gray);
+ if (colToByte(gray) == 0)
+ invert_bits = 0x00;
+ }
+diff --git a/utils/ImageOutputDev.cc b/utils/ImageOutputDev.cc
+index 069d821..bc34543 100644
+--- a/utils/ImageOutputDev.cc
++++ b/utils/ImageOutputDev.cc
+@@ -344,7 +344,7 @@ void ImageOutputDev::writeImageFile(ImgWriter *writer, ImageFormat format, const
+ GfxRGB rgb;
+ GfxCMYK cmyk;
+ GfxGray gray;
+- Guchar zero = 0;
++ Guchar zero[gfxColorMaxComps];
+ int invert_bits;
+
+ if (writer) {
+@@ -383,7 +383,8 @@ void ImageOutputDev::writeImageFile(ImgWriter *writer, ImageFormat format, const
+ // the mask we leave the data unchanged.
+ invert_bits = 0xff;
+ if (colorMap) {
+- colorMap->getGray(&zero, &gray);
++ memset(zero, 0, sizeof(zero));
++ colorMap->getGray(zero, &gray);
+ if (colToByte(gray) == 0)
+ invert_bits = 0x00;
+ }
+--
+2.9.3
+
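Review bot: The new `Guchar zero[gfxColorMaxComps]` buffers in both files of the embedded patch are cleared with a separate `memset` call, which depends on `<cstring>` being in scope in each translation unit and separates the declaration from its initialisation (in ImageOutputDev.cc the declaration in the -344 hunk and the memset in the -383 hunk are some forty lines apart); `Guchar zero[gfxColorMaxComps] = {0};` at the declaration yields the same all-zero contents in one line and lets both memset lines go. The fix itself is sound as far as the quoted text shows: per the commit message getGray reads as many input bytes as the colour map has components, so the old one-byte `zero` was overread for multi-component colour spaces and the array is now sized to the maximum component count. Whether gfxColorMaxComps really bounds every colour map's component count has to be confirmed against GfxState.h, which is not part of this patch. Both enclosing functions (drawPngImage and writeImageFile) begin and end outside the quoted hunks.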
diff --git a/poppler.spec b/poppler.spec
index 64abe07..075568d 100644
--- a/poppler.spec
+++ b/poppler.spec
@@ -4,7 +4,7 @@ Summary: PDF rendering library
 Name: poppler
 Version: 0.56.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: (GPLv2 or GPLv3) and GPLv2+ and LGPLv2+ and MIT
 URL: http://poppler.freedesktop.org/
 Source0: http://poppler.freedesktop.org/poppler-%{version}.tar.xz
@@ -13,6 +13,7 @@ Source1: %{name}-test-%{test_date}_%{test_sha}.tar.xz
 # https://bugzilla.redhat.com/show_bug.cgi?id=1185007
 Patch0: poppler-0.30.0-rotated-words-selection.patch
+Patch1: CVE-2017-9865.patch
 BuildRequires: gettext-devel
 BuildRequires: pkgconfig(cairo)
@@ -277,6 +278,9 @@ test "$(pkg-config --modversion poppler-splash)" = "%{version}"
 %{_bindir}/poppler-glib-demo
 %changelog
+* Wed Jul 12 2017 Caolán McNamara - 0.56.0-2
+- Resolves: rhbz#1459067 CVE-2017-7515 CVE-2017-9775 CVE-2017-9776 CVE-2017-9865
+
 * Fri Jun 23 2017 David Tardon - 0.56.0-1
 - new upstream release
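Review bot: `Patch1: CVE-2017-9865.patch` is declared in the second hunk, but the diff does not touch %prep, so whether the patch is actually applied depends on what %prep already does: with `%autosetup -p1` it is picked up automatically, whereas a %prep with explicit `%patch0 -p1` lines needs a matching `%patch1 -p1`, otherwise the SRPM ships the CVE fix without ever applying it and the package still looks patched. The changelog entry in the third hunk lists four CVEs (CVE-2017-7515, CVE-2017-9775, CVE-2017-9776, CVE-2017-9865) while only the CVE-2017-9865 patch is added; if the other three are already fixed in the packaged 0.56.0 release, saying so in the entry (e.g. appending `(others already fixed upstream in 0.56.0)`) would make the claim auditable, and if they are not, their patches are missing from this change. The %prep section is outside the quoted hunks.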