diff --git a/xine-lib-TKADV2009-004.diff b/xine-lib-TKADV2009-004.diff
index 670a1ec..5f56eca 100644
--- a/xine-lib-TKADV2009-004.diff
+++ b/xine-lib-TKADV2009-004.diff
@@ -2,14 +2,21 @@ Index: xine-lib-1.1.16.1/src/demuxers/demux_4xm.c
 ===================================================================
 --- xine-lib-1.1.16.1.orig/src/demuxers/demux_4xm.c
 +++ xine-lib-1.1.16.1/src/demuxers/demux_4xm.c
-@@ -190,6 +190,10 @@ static int open_fourxm_file(demux_fourxm
+@@ -190,8 +190,16 @@ static int open_fourxm_file(demux_fourxm
 return 0;
 }
 const uint32_t current_track = _X_LE_32(&header[i + 8]);
+- if (current_track + 1 > fourxm->track_count) {
 + if(current_track >= UINT_MAX / sizeof(audio_track_t) - 1){
 + free(header);
 + return 0;
 + }
- if (current_track + 1 > fourxm->track_count) {
++ if (current_track >= fourxm->track_count) {
 fourxm->track_count = current_track + 1;
++ if (!fourxm->track_count || fourxm->track_count >= UINT_MAX / sizeof(audio_track_t)) {
++ free(header);
++ return 0;
++ }
 fourxm->tracks = realloc(fourxm->tracks,
+ fourxm->track_count * sizeof(audio_track_t));
+ if (!fourxm->tracks) {
diff --git a/xine-lib.changes b/xine-lib.changes
index 424e94d..98fc74c 100644
--- a/xine-lib.changes
+++ b/xine-lib.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Fri Mar 6 19:25:25 CET 2009 - mhopf@suse.de
+
+- Updated security fix for 4xm demuxer (TKADV2009-004, bnc#473825)
+
 -------------------------------------------------------------------
 Tue Feb 17 11:50:57 CET 2009 - lnussel@suse.de
diff --git a/xine-lib.spec b/xine-lib.spec
index e3ce35b..00ee7e8 100644
--- a/xine-lib.spec
+++ b/xine-lib.spec
@@ -94,7 +94,7 @@ BuildRequires: DirectFB
 BuildRequires: libmodplug
 %endif
 Version: 1.1.16.1
-Release: 3
+Release: 4
 # XINE_MAJOR.XINE_LT_CURRENT in configure.ac
 %define abiversion 1.25
 # bug437293
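Review bot: In the demux_4xm.c hunk carried by xine-lib-TKADV2009-004.diff, `fourxm->track_count = current_track + 1;` is stored before the new range check and before the `realloc` result is known, so either early `return 0` leaves the demuxer with a track count that no longer matches the size of `fourxm->tracks`, and assigning `realloc` straight back to `fourxm->tracks` loses the old buffer pointer if the grow fails. I would compute the count into a local, validate it, reallocate into a temporary, and only after the failure branch commit both with `fourxm->tracks = new_tracks; fourxm->track_count = new_count;`. The added inner test also looks unreachable while the earlier `current_track >= UINT_MAX / sizeof(audio_track_t) - 1` guard is kept, and both bounds still let a track index read from the file request an allocation close to UINT_MAX bytes, so a much smaller cap on the track count would be the stronger defence against memory exhaustion from a crafted file. open_fourxm_file continues outside the hunk, so whether `fourxm->tracks` is released on these error paths cannot be confirmed from here.

```c
      if (current_track >= fourxm->track_count) {
        /* validate and grow into locals; commit to fourxm only on success */
        const uint32_t new_count = current_track + 1;
        audio_track_t *new_tracks;
        if (!new_count || new_count >= UINT_MAX / sizeof(audio_track_t)) {
          free(header);
          return 0;
        }
        new_tracks = realloc(fourxm->tracks, new_count * sizeof(audio_track_t));
        if (!new_tracks) {
          /* … unchanged: allocation-failure branch, which continues outside the hunk … */
```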
@@ -814,6 +814,8 @@ rm -rf %{buildroot}
 %endif
 %changelog
+* Fri Mar 06 2009 mhopf@suse.de
+- Updated security fix for 4xm demuxer (TKADV2009-004, bnc#473825)
 * Tue Feb 17 2009 lnussel@suse.de
 - fix libtool breakage on older distributions with hack
 * Tue Feb 10 2009 mhopf@suse.de