diff --git a/CVE-2018-1000035.patch b/CVE-2018-1000035.patch
new file mode 100644
index 0000000..97561b8
--- /dev/null
+++ b/CVE-2018-1000035.patch
@@ -0,0 +1,39 @@
+From:
+Date: Thu Feb 8 15:10:03 CET 2018
+Upstream: merged
+References: http://www.info-zip.org/phpBB3/viewtopic.php?f=7&t=548
+
+Index: fileio.c
+===================================================================
+--- fileio.c.orig
++++ fileio.c
+@@ -1613,7 +1613,11 @@ int UZ_EXP UzpPassword (pG, rcnt, pwbuf,
+ int r = IZ_PW_ENTERED;
+ char *m;
+ char *prompt;
+-
++ char *zfnf;
++ char *efnf;
++ size_t zfnfl;
++ int isOverflow;
++
+ #ifndef REENTRANT
+ /* tell picky compilers to shut up about "unused variable" warnings */
+ pG = pG;
+@@ -1621,7 +1625,15 @@ int UZ_EXP UzpPassword (pG, rcnt, pwbuf,
+
+ if (*rcnt == 0) { /* First call for current entry */
+ *rcnt = 2;
+- if ((prompt = (char *)malloc(2*FILNAMSIZ + 15)) != (char *)NULL) {
++ zfnf = FnFilter1(zfn);
++ efnf = FnFilter2(efn);
++ zfnfl = strlen(zfnf);
++ isOverflow = TRUE;
++ if (2*FILNAMSIZ >= zfnfl && (2*FILNAMSIZ - zfnfl) >= strlen(efnf))
++ {
++ isOverflow = FALSE;
++ }
++ if ((isOverflow == FALSE) && ((prompt = (char *)malloc(2*FILNAMSIZ + 15)) != (char *)NULL)) {
+ sprintf(prompt, LoadFarString(PasswPrompt),
+ FnFilter1(zfn), FnFilter2(efn));
+ m = prompt;
diff --git a/unzip-rcc.spec b/unzip-rcc.spec
index ee64cb8..970f21e 100644
--- a/unzip-rcc.spec
+++ b/unzip-rcc.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package unzip-rcc
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
diff --git a/unzip.changes b/unzip.changes
index 7257ea0..3f671c9 100644
--- a/unzip.changes
+++ b/unzip.changes
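Review bot: The added length check measures `zfnf` and `efnf`, but the unchanged `sprintf` right after it calls `FnFilter1(zfn)` and `FnFilter2(efn)` a second time, so the strings that were checked are not the ones that get written; pass the checked pointers instead, `sprintf(prompt, LoadFarString(PasswPrompt), zfnf, efnf);`. The write itself is still unbounded: the check lets the two filtered names total 2*FILNAMSIZ, so safety depends on the fixed text of PasswPrompt plus the terminator fitting in the remaining 15 bytes, and that format string is not visible in this hunk. A comment on the `malloc` line stating that dependency (or a size-limited format call where the target platforms provide one) would keep a later change to the prompt text from reopening the heap overflow. When `isOverflow` stays TRUE the code takes the same branch as a failed `malloc`; that branch and the rest of UzpPassword lie outside the hunk.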
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Feb 8 14:11:25 UTC 2018 - kbabioch@suse.com
+
+- Add CVE-2018-1000035.patch: Fix a heap-based buffer overflow in
+ password protected ZIP archives (CVE-2018-1000035 bsc#1080074)
+
 -------------------------------------------------------------------
 Thu Jul 6 13:25:44 UTC 2017 - nico.kruber@gmail.com
 
diff --git a/unzip.spec b/unzip.spec
index fe374cc..2e4ff4f 100644
--- a/unzip.spec
+++ b/unzip.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package unzip
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -56,6 +56,7 @@ Patch15: CVE-2015-7696.patch
 Patch16: CVE-2015-7697.patch
 Patch17: CVE-2016-9844.patch
 Patch18: CVE-2014-9913.patch
+Patch19: CVE-2018-1000035.patch
 Requires(post): update-alternatives
 Requires(preun): update-alternatives
 Recommends: %{_name}-doc
@@ -98,6 +99,7 @@ functionality. This version can also extract encrypted archives.
 %patch16 -p1
 %patch17 -p1
 %patch18 -p1
+%patch19 -p0
 
 %build
 export RPM_OPT_FLAGS="%{optflags} \