diff --git a/tiff-CVE-2017-11613.patch b/tiff-CVE-2017-11613,CVE-2018-16335,15209.patch
similarity index 100%
rename from tiff-CVE-2017-11613.patch
rename to tiff-CVE-2017-11613,CVE-2018-16335,15209.patch
diff --git a/tiff-4.0.9-bsc1046077-CVE-2017-9935.patch b/tiff-CVE-2017-9935,CVE-2018-17795.patch
similarity index 100%
rename from tiff-4.0.9-bsc1046077-CVE-2017-9935.patch
rename to tiff-CVE-2017-9935,CVE-2018-17795.patch
diff --git a/tiff.changes b/tiff.changes
index ae31368..4fbb244 100644
--- a/tiff.changes
+++ b/tiff.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Fri Oct 19 07:02:18 UTC 2018 - Petr Gajdos <pgajdos@suse.com>
+
+- security update
+  * CVE-2018-17795 [bsc#1110358]
+    % tiff-4.0.9-bsc1046077-CVE-2017-9935.patch renamed to
+      tiff-CVE-2017-9935,CVE-2018-17795.patch
+  * CVE-2018-16335 [bsc#1106853]
+    % tiff-CVE-2017-11613.patch renamed to
+      tiff-CVE-2017-11613,CVE-2018-16335,15209.patch
+- add a possibility to build with ASAN
+
 -------------------------------------------------------------------
 Wed Oct 17 11:29:07 UTC 2018 - Petr Gajdos <pgajdos@suse.com>
 
diff --git a/tiff.spec b/tiff.spec
index 2e48802..af34684 100644
--- a/tiff.spec
+++ b/tiff.spec
@@ -16,6 +16,8 @@
 #
 
 
+%define         asan_build 0
+
 Name:           tiff
 Version:        4.0.9
 Release:        0
@@ -30,12 +32,12 @@ Patch0:         tiff-4.0.3-seek.patch
 # http://bugzilla.maptools.org/show_bug.cgi?id=2442
 Patch1:         tiff-4.0.3-compress-warning.patch
 # Contained in upstream repo. See bsc#1046077 for commit IDs.
-Patch2:         tiff-4.0.9-bsc1046077-CVE-2017-9935.patch
+Patch2:         tiff-CVE-2017-9935,CVE-2018-17795.patch
 Patch3:         tiff-4.0.9-bsc1081690-CVE-2018-5784.patch
 Patch4:         tiff-CVE-2018-10963.patch
 Patch5:         tiff-CVE-2017-18013.patch
 Patch6:         tiff-CVE-2018-7456.patch
-Patch7:         tiff-CVE-2017-11613.patch
+Patch7:         tiff-CVE-2017-11613,CVE-2018-16335,15209.patch
 Patch8:         tiff-CVE-2018-8905.patch
 Patch9:         tiff-CVE-2018-10779.patch
 Patch10:        tiff-CVE-2018-17100.patch
@@ -117,6 +119,9 @@ the libtiff library.
 %build
 CFLAGS="%{optflags} -fPIE"
 %configure --disable-static
+%if %{asan_build}
+find -name Makefile | xargs sed -i 's/\(^CFLAGS.*\)/\1 -fsanitize=address/'
+%endif
 make %{?_smp_mflags} LDFLAGS="-pie"
 
 %install
@@ -141,6 +146,10 @@ for tool in pal2rgb; do
 done
 
 %check
+%if %{asan_build}
+# ASAN needs /proc to be mounted
+exit 0
+%endif
 for i in tools test; do
 	(cd $i && make %{?_smp_mflags} check)
 done