diff --git a/jbigkit-CVE-2022-1210.patch b/jbigkit-CVE-2022-1210.patch
new file mode 100644
index 0000000..bb03fc0
--- /dev/null
+++ b/jbigkit-CVE-2022-1210.patch
@@ -0,0 +1,36 @@
+Index: jbigkit-2.1/libjbig/jbig.c
+===================================================================
+--- jbigkit-2.1.orig/libjbig/jbig.c
++++ jbigkit-2.1/libjbig/jbig.c
+@@ -2051,6 +2051,7 @@ void jbg_dec_init(struct jbg_dec_state *
+   s->xmax = 4294967295UL;
+   s->ymax = 4294967295UL;
+   s->dmax = 256;
++  s->maxmem = 2000000000;  /* no final image larger than 2 GB by default */
+   s->s = NULL;
+ 
+   return;
+@@ -2640,6 +2641,10 @@ int jbg_dec_in(struct jbg_dec_state *s,
+       return JBG_EIMPL | 5;
+     s->options = s->buffer[19];
+ 
++    /* will the final image require more bytes than permitted by s->maxmem? */
++    if (s->maxmem / s->planes / s->yd / jbg_ceil_half(s->xd, 3) == 0)
++      return JBG_ENOMEM;   /* increase s->maxmem if needed */
++
+     /* calculate number of stripes that will be required */
+     s->stripes = jbg_stripes(s->l0, s->yd, s->d);
+     
+Index: jbigkit-2.1/libjbig/jbig.h
+===================================================================
+--- jbigkit-2.1.orig/libjbig/jbig.h
++++ jbigkit-2.1/libjbig/jbig.h
+@@ -181,6 +181,8 @@ struct jbg_dec_state {
+   unsigned long xmax, ymax;         /* if possible abort before image gets *
+ 				     * larger than this size */
+   int dmax;                                      /* abort after this layer */
++  size_t maxmem;               /* return JBG_ENOMEM if final image layer D
++                                  would require more than maxmem bytes     */
+ };
+ 
+ 
diff --git a/jbigkit.changes b/jbigkit.changes
index d9fa137..5cbe118 100644
--- a/jbigkit.changes
+++ b/jbigkit.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Dec 19 12:07:52 UTC 2023 - pgajdos@suse.com
+
+- security update
+- added patches
+  fix CVE-2022-1210 [bsc#1198146], Malicious file leads to a denial of service in TIFF File Handler
+  + jbigkit-CVE-2022-1210.patch
+
 -------------------------------------------------------------------
 Wed Aug 24 10:46:45 UTC 2022 - Andreas Schwab <schwab@suse.de>
 
diff --git a/jbigkit.spec b/jbigkit.spec
index 181ef87..44050c8 100644
--- a/jbigkit.spec
+++ b/jbigkit.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package jbigkit
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -28,6 +28,8 @@ URL:            http://www.cl.cam.ac.uk/~mgk25/jbigkit/
 Source0:        http://www.cl.cam.ac.uk/~mgk25/download/%{name}-%{version}.tar.gz
 Source42:       baselibs.conf
 Patch0:         %{name}-%{version}-shlib.patch
+# CVE-2022-1210 [bsc#1198146], Malicious file leads to a denial of service in TIFF File Handler
+Patch1:         jbigkit-CVE-2022-1210.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %define libname libjbig
@@ -69,8 +71,7 @@ The jbigkit package contains tools for converting between PBM and JBIG1
 formats.
 
 %prep
-%setup
-%patch0 -p1
+%autosetup -p1
 
 %build
 export CFLAGS="%optflags -I../libjbig" CXXFLAGS="%optflags"