diff --git a/SOURCES/CVE-2020-18770.patch b/SOURCES/CVE-2020-18770.patch
new file mode 100644
index 0000000..e4c7880
--- /dev/null
+++ b/SOURCES/CVE-2020-18770.patch
@@ -0,0 +1,30 @@
+From 18c6c043bd7d8f139f30e9c7749013115d5fc5b7 Mon Sep 17 00:00:00 2001
+From: Valentin Lefebvre <valentin.lefebvre@suse.com>
+Date: Wed, 20 Sep 2023 12:04:56 +0200
+Subject: [PATCH] mmappend.c: Avoid invalid access for header entry
+
+* zzip_disk_entry_to_file_header checking the pointer by substraction
+  instead of addition where it could lead to an invalid access memory.
+* CVE-2020-18770
+
+Signed-off-by: Valentin Lefebvre <valentin.lefebvre@suse.com>
+---
+ zzip/mmapped.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/zzip/mmapped.c b/zzip/mmapped.c
+index 2071882..beb094d 100644
+--- a/zzip/mmapped.c
++++ b/zzip/mmapped.c
+@@ -275,8 +275,9 @@ zzip_disk_entry_to_data(ZZIP_DISK * disk, struct zzip_disk_entry * entry)
+ struct zzip_file_header *
+ zzip_disk_entry_to_file_header(ZZIP_DISK * disk, struct zzip_disk_entry *entry)
+ {
+-    zzip_byte_t *const ptr = disk->buffer + zzip_disk_entry_fileoffset(entry);
+-    if (disk->buffer > ptr || ptr >= disk->endbuf)
++    zzip_off_t off = zzip_disk_entry_fileoffset(entry);
++    zzip_byte_t *const ptr = disk->buffer + off;
++    if (disk->buffer > ptr || disk->buffer >= disk->endbuf - off)
+     {
+         errno = EBADMSG;
+         return 0;
diff --git a/SPECS/zziplib.spec b/SPECS/zziplib.spec
index 29ce6fc..cc6eac0 100644
--- a/SPECS/zziplib.spec
+++ b/SPECS/zziplib.spec
@@ -1,7 +1,7 @@
 Summary: Lightweight library to easily extract data from zip files
 Name: zziplib
 Version: 0.13.68
-Release: 9%{?dist}
+Release: 12%{?dist}
 License: LGPLv2+ or MPLv1.1
 Group: Applications/Archiving
 URL: http://zziplib.sourceforge.net/
@@ -26,6 +26,7 @@ Patch10: CVE-2018-17828.patch
 Patch11: CVE-2018-17828-singlez.patch
 
 Patch12: CVE-2020-18442.patch
+Patch13: CVE-2020-18770.patch
 
 BuildRequires: perl-interpreter
 BuildRequires: python3-devel
@@ -92,6 +93,7 @@ zziplib library.
 %patch10 -p1
 %patch11 -p1
 %patch12 -p1
+%patch13 -p1
 
 pathfix.py -i %{__python3} -pn docs
 
@@ -101,7 +103,9 @@ export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
     --disable-static \
     --enable-sdl \
     --enable-frame-pointer \
-    --enable-builddir=_builddir
+    --enable-builddir=_builddir \
+    ac_cv_path_PYTHON=%__python3
+
 # Remove rpath on 64bit archs
 sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' */libtool
 sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' */libtool
@@ -143,6 +147,18 @@ make install DESTDIR=%{buildroot}
 %{_mandir}/man3/*
 
 %changelog
+* Tue Feb 06 2024 Jakub Martisko <jamartis@redhat.com> - 0.13.68-12
+- Add the gating tests from the 8.8.0 branch
+  Resolves: RHEL-24429
+
+* Sat Jan 27 2024 Jakub Martisko <jamartis@redhat.com> - 0.13.68-11
+- Use %__python3 macro during the config phase (used for doc generation)
+  Resolves: RHEL-22880
+
+* Wed Jan 24 2024 Jakub Martisko <jamartis@redhat.com> - 0.13.68-10
+- Fix CVE-2020-18770
+  Resolves: RHEL-14966
+
 * Mon Aug 02 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.68-9
 - Fix CVE-2020-18442
 - Resolves: CVE-2020-18442