diff --git a/tar-1.29-extract_pathname_bypass.patch b/tar-1.29-extract_pathname_bypass.patch
index 2e00dac..6c5d8d7 100644
--- a/tar-1.29-extract_pathname_bypass.patch
+++ b/tar-1.29-extract_pathname_bypass.patch
@@ -1,29 +1,35 @@
-Index: lib/paxnames.c
+From 7340f67b9860ea0531c1450e5aa261c50f67165d Mon Sep 17 00:00:00 2001
+From: Paul Eggert <eggert@Penguin.CS.UCLA.EDU>
+Date: Sat, 29 Oct 2016 21:04:40 -0700
+Subject: When extracting, skip ".." members
+
+* NEWS: Document this.
+* src/extract.c (extract_archive): Skip members whose names
+contain "..".
+---
+
+Index: tar-1.29/src/extract.c
 ===================================================================
---- lib/paxnames.c.orig
-+++ lib/paxnames.c
-@@ -18,6 +18,7 @@
- #include <system.h>
- #include <hash.h>
- #include <paxlib.h>
-+#include <quotearg.h>
+--- tar-1.29.orig/src/extract.c	2016-01-20 10:26:32.000000000 +0100
++++ tar-1.29/src/extract.c	2016-12-15 18:11:56.752575954 +0100
+@@ -1629,12 +1629,20 @@ extract_archive (void)
+ {
+   char typeflag;
+   tar_extractor_t fun;
++  bool skip_dotdot_name;
  
- 
- /* Hash tables of strings.  */
-@@ -114,7 +115,15 @@ safer_name_suffix (char const *file_name
-       for (p = file_name + prefix_len; *p; )
- 	{
-           if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) || !p[2]))
--	    prefix_len = p + 2 - file_name;
-+            {
-+	      static char const *const diagnostic[] =
-+	      {
-+		N_("%s: Member name contains '..'"),
-+		N_("%s: Hard link target contains '..'")
-+	      };
-+	      FATAL_ERROR ((0, 0, _(diagnostic[link_target]),
-+	                    quotearg_colon (file_name)));
-+	    }
+   fatal_exit_hook = extract_finish;
  
- 	  do
- 	    {
+   set_next_block_after (current_header);
+ 
++  skip_dotdot_name = (!absolute_names_option
++		      && contains_dot_dot (current_stat_info.orig_file_name));
++  if (skip_dotdot_name)
++    ERROR ((0, 0, _("%s: Member name contains '..'"),
++	    quotearg_colon (current_stat_info.orig_file_name)));
++
+   if (!current_stat_info.file_name[0]
++      || skip_dotdot_name
+       || (interactive_option
+ 	  && !confirm ("extract", current_stat_info.file_name)))
+     {
diff --git a/tar.changes b/tar.changes
index 3d20bd6..868ca50 100644
--- a/tar.changes
+++ b/tar.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Thu Dec 15 17:05:04 UTC 2016 - vcizek@suse.com
+
+- update tar-1.29-extract_pathname_bypass.patch to the upstream
+  one that fixes POINTYFEATHER issue but it doesn't limit append or
+  create operations as the initial patch did [bsc#1012633]
+  [CVE-2016-6321]
+
 -------------------------------------------------------------------
 Tue Nov  8 17:50:44 UTC 2016 - kstreitova@suse.com
 
diff --git a/tar.spec b/tar.spec
index 90f0b62..283b0cb 100644
--- a/tar.spec
+++ b/tar.spec
@@ -99,7 +99,7 @@ Upstream testsuite for the package
 #%patch12 -p1
 %patch20 -p1
 %patch21 -p1
-%patch22 -p0
+%patch22 -p1
 
 %build
 %define my_cflags -W -Wall -Wpointer-arith -Wstrict-prototypes -Wformat-security -Wno-unused-parameter -fPIE