diff --git a/mtools-4.0.1-overflow.diff b/mtools-4.0.1-overflow.diff
new file mode 100644
index 0000000..bf26b33
--- /dev/null
+++ b/mtools-4.0.1-overflow.diff
@@ -0,0 +1,22 @@
+--- file_name.c
++++ file_name.c
+@@ -145,7 +145,7 @@ void dos_name(doscp_t *toDos, const char
+ wchar_t *unix_name(doscp_t *dosCp,
+ 		   const char *base, const char *ext, char Case, wchar_t *ret)
+ {
+-	char *s, tname[9], text[4], ans[11];
++	char *s, tname[9], text[4], ans[13];
+ 	int i;
+ 
+ 	strncpy(tname, base, 8);
+--- mpartition.c
++++ mpartition.c
+@@ -514,7 +514,7 @@ void mpartition(int argc, char **argv, i
+ 			read(fd, (char *) buf, 512);
+ 		}
+ 		memset((char *)(partTable+1), 0, 4*sizeof(*partTable));
+-		set_dword(((unsigned char*)buf)+510, 0xaa55);
++		set_word(((unsigned char*)buf)+510, 0xaa55);
+ 	}
+ 
+ 	/* check for boot signature, and place it if needed */
diff --git a/mtools.changes b/mtools.changes
index 2cb9b96..91c5b59 100644
--- a/mtools.changes
+++ b/mtools.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Wed Jan 21 17:22:15 CET 2009 - schwab@suse.de
+
+- Fix buffer overflows.
+
 -------------------------------------------------------------------
 Tue Jan 13 18:14:34 CET 2009 - pgajdos@suse.cz
 
diff --git a/mtools.spec b/mtools.spec
index c1a01a7..5d992f7 100644
--- a/mtools.spec
+++ b/mtools.spec
@@ -21,7 +21,7 @@
 Name:           mtools
 BuildRequires:  libpng texlive-latex xorg-x11 xorg-x11-devel
 Version:        4.0.1
-Release:        1
+Release:        2
 AutoReqProv:    on
 Group:          System/Filesystems
 License:        GPL v2 or later
@@ -34,6 +34,7 @@ Patch2:         %{name}-%{version}-script.diff
 Patch3:         %{name}-%{version}-aliasing.diff
 Patch4:         %{name}-%{version}-fat-bits.diff
 Patch5:         %{name}-%{version}-prototypes.diff
+Patch6:         %{name}-%{version}-overflow.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %package floppyd
@@ -75,6 +76,7 @@ Authors:
 %patch3
 %patch4
 %patch5
+%patch6
 
 %build
 %{suse_update_config -f}
@@ -103,9 +105,11 @@ rm -rf $RPM_BUILD_ROOT
 %defattr(-,root,root)
 %config %{_sysconfdir}/mtools.conf
 %doc *.dvi Release.notes Changelog COPYING README*
-%doc %{_mandir}/man?*/[a-eg-z]*
+%doc %{_mandir}/man?*/*
+%exclude %{_mandir}/man?*/f*
 %doc %{_infodir}/mtools.info*
-%{_bindir}/[a-eg-z]*
+%{_bindir}/*
+%exclude %{_bindir}/f*
 
 %files floppyd
 %defattr(-,root,root)
@@ -113,6 +117,8 @@ rm -rf $RPM_BUILD_ROOT
 %{_bindir}/f*
 
 %changelog
+* Wed Jan 21 2009 schwab@suse.de
+- Fix buffer overflows.
 * Tue Jan 13 2009 pgajdos@suse.cz
 - updated to 4.0.1
   * unicode support