diff --git a/libunwind-CVE-2015-3239.patch b/libunwind-CVE-2015-3239.patch
new file mode 100644
index 0000000..5031908
--- /dev/null
+++ b/libunwind-CVE-2015-3239.patch
@@ -0,0 +1,13 @@
+Index: libunwind-1.1/include/dwarf_i.h
+===================================================================
+--- libunwind-1.1.orig/include/dwarf_i.h
++++ libunwind-1.1/include/dwarf_i.h
+@@ -20,7 +20,7 @@
+ extern const uint8_t dwarf_to_unw_regnum_map[DWARF_REGNUM_MAP_LENGTH];
+ /* REG is evaluated multiple times; it better be side-effects free!  */
+ # define dwarf_to_unw_regnum(reg)					  \
+-  (((reg) <= DWARF_REGNUM_MAP_LENGTH) ? dwarf_to_unw_regnum_map[reg] : 0)
++  (((reg) < DWARF_REGNUM_MAP_LENGTH) ? dwarf_to_unw_regnum_map[reg] : 0)
+ #endif
+ 
+ #ifdef UNW_LOCAL_ONLY
diff --git a/libunwind.changes b/libunwind.changes
index 5a71bba..e25e403 100644
--- a/libunwind.changes
+++ b/libunwind.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Jul  2 12:47:57 UTC 2015 - tchvatal@suse.com
+
+- Add patch for bnc#936786 CVE-2015-3239, off by one:
+  * libunwind-CVE-2015-3239.patch
+
 -------------------------------------------------------------------
 Sun Mar 29 18:47:32 UTC 2015 - meissner@suse.com
 
diff --git a/libunwind.spec b/libunwind.spec
index ea50601..d416ce9 100644
--- a/libunwind.spec
+++ b/libunwind.spec
@@ -34,6 +34,8 @@ Patch1:         libunwind-1.1-expected-fails.patch
 Patch2:         libunwind-aarch64.patch
 # PATCH-FIX-UPSTREAM: uweigand@de.ibm.com -- submitted to libunwind-devel
 Patch3:         libunwind-ppc64le.patch
+# PATCH-FIX-UPSTREAM: bnc#936786 CVE-2015-3239
+Patch4:         libunwind-CVE-2015-3239.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  gcc-c++
@@ -63,6 +65,7 @@ call-chain of a program.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 %build
 autoreconf -fvi