diff --git a/openslp.changes b/openslp.changes
index d272fe7..5c295f9 100644
--- a/openslp.changes
+++ b/openslp.changes
@@ -11,6 +11,9 @@ Mon Sep 12 14:23:15 CEST 2016 - mls@suse.de
   new patch: openslp.doubleequal.diff
 - fix bug in openslp.initda.diff patch
 - fix rcopenslp helper
+- fix _xrealloc not checking the malloc return value
+  [bnc#980722] [CVE-2016-4912]
+  new patch: openslp.xrealloc.diff
 
 -------------------------------------------------------------------
 Sun Mar  8 00:39:27 UTC 2015 - p.drouand@gmail.com
diff --git a/openslp.spec b/openslp.spec
index f419b0c..f965c4a 100644
--- a/openslp.spec
+++ b/openslp.spec
@@ -60,6 +60,7 @@ Patch12:        openslp.sd_notify.diff
 Patch13:        openslp.predicatestorage.diff
 Patch14:        openslp.doubleequal.diff
 Patch15:        openslp.noconvenience.diff
+Patch16:        openslp.xrealloc.diff
 
 %description
 Service Location Protocol is an IETF standards track protocol that
@@ -127,6 +128,8 @@ such applications.
 %patch13
 %patch14
 %patch15
+%patch16
+
 %build
 autoreconf -fiv
 %configure --disable-static --with-pic --enable-slpv1 \
diff --git a/openslp.xrealloc.diff b/openslp.xrealloc.diff
new file mode 100644
index 0000000..1d0870e
--- /dev/null
+++ b/openslp.xrealloc.diff
@@ -0,0 +1,11 @@
+--- ./common/slp_xmalloc.c.orig	2016-09-13 11:46:35.749065088 +0000
++++ ./common/slp_xmalloc.c	2016-09-13 11:48:03.785749186 +0000
+@@ -203,6 +203,8 @@ void * _xrealloc(const char * file, int
+       if (x->size != size)
+       {
+          newptr = _xmalloc(file, line, size);
++         if (!newptr)
++            return 0;
+          memcpy(newptr, ptr, x->size);
+          _xfree(file, line, x);
+       }