diff --git a/tiff-CVE-2019-7663.patch b/tiff-CVE-2019-7663.patch
new file mode 100644
index 0000000..5872c54
--- /dev/null
+++ b/tiff-CVE-2019-7663.patch
@@ -0,0 +1,48 @@
+Index: tiff-4.0.10/libtiff/tif_dirwrite.c
+===================================================================
+--- tiff-4.0.10.orig/libtiff/tif_dirwrite.c
++++ tiff-4.0.10/libtiff/tif_dirwrite.c
+@@ -1896,12 +1896,14 @@ TIFFWriteDirectoryTagTransferfunction(TI
+ 		n=3;
+ 	if (n==3)
+ 	{
+-		if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16)))
++		if (tif->tif_dir.td_transferfunction[2] == NULL ||
++				!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16)))
+ 			n=2;
+ 	}
+ 	if (n==2)
+ 	{
+-		if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16)))
++		if (tif->tif_dir.td_transferfunction[1] == NULL ||
++				!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16)))
+ 			n=1;
+ 	}
+ 	if (n==0)
+Index: tiff-4.0.10/tools/tiffcp.c
+===================================================================
+--- tiff-4.0.10.orig/tools/tiffcp.c
++++ tiff-4.0.10/tools/tiffcp.c
+@@ -1408,7 +1408,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuf
+ 	int status = 1;
+ 	uint32 imagew = TIFFRasterScanlineSize(in);
+ 	uint32 tilew = TIFFTileRowSize(in);
+-	int iskew  = imagew - tilew*spp;
++	int iskew;
+ 	tsize_t tilesize = TIFFTileSize(in);
+ 	tdata_t tilebuf;
+ 	uint8* bufp = (uint8*) buf;
+@@ -1416,6 +1416,13 @@ DECLAREreadFunc(readSeparateTilesIntoBuf
+ 	uint32 row;
+ 	uint16 bps = 0, bytes_per_sample;
+ 
++	if (spp > (0x7fffffff / tilew))
++	{
++		TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)");
++		return 0;
++	}
++	iskew = imagew - tilew*spp;
++
+ 	tilebuf = _TIFFmalloc(tilesize);
+ 	if (tilebuf == 0)
+ 		return 0;
diff --git a/tiff.changes b/tiff.changes
index 71d44c6..15097fc 100644
--- a/tiff.changes
+++ b/tiff.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Feb 12 15:36:02 UTC 2019 - mvetter@suse.com
+
+- security update
+  * CVE-2019-7663 [bsc#1125113]
+    + tiff-CVE-2019-7663.patch
+
 -------------------------------------------------------------------
 Mon Feb  4 14:04:09 UTC 2019 - mvetter@suse.com
 
diff --git a/tiff.spec b/tiff.spec
index 480e61b..b2b5603 100644
--- a/tiff.spec
+++ b/tiff.spec
@@ -38,6 +38,10 @@ Patch3:         tiff-CVE-2018-17000,19210.patch
 # http://bugzilla.maptools.org/show_bug.cgi?id=2836
 # https://gitlab.com/libtiff/libtiff/merge_requests/50
 Patch4:         tiff-CVE-2019-6128.patch
+# http://bugzilla.maptools.org/show_bug.cgi?id=2833
+# https://gitlab.com/libtiff/libtiff/merge_requests/54
+# https://gitlab.com/libtiff/libtiff/merge_requests/60
+Patch5:         tiff-CVE-2019-7663.patch
 BuildRequires:  gcc-c++
 BuildRequires:  libjbig-devel
 BuildRequires:  libjpeg-devel
@@ -79,6 +83,7 @@ the libtiff library.
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 
 %build
 CFLAGS="%{optflags} -fPIE"