diff --git a/srcpkgs/bzip2/patches/CVE-2016-3189.patch b/srcpkgs/bzip2/patches/CVE-2016-3189.patch
new file mode 100644
index 00000000000..e7cc2c52513
--- /dev/null
+++ b/srcpkgs/bzip2/patches/CVE-2016-3189.patch
@@ -0,0 +1,12 @@
+Patch from: https://bugzilla.redhat.com/show_bug.cgi?id=1319648
+
+--- ./bzip2recover.c.old	2016-03-22 08:49:38.855620000 +0100
++++ ./bzip2recover.c	2016-03-30 10:22:27.341430099 +0200
+@@ -458,6 +458,7 @@ Int32 main ( Int32 argc, Char** argv )
+             bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 );
+             bsPutUInt32 ( bsWr, blockCRC );
+             bsClose ( bsWr );
++            outFile = NULL;
+          }
+          if (wrBlock >= rbCtr) break;
+          wrBlock++;
diff --git a/srcpkgs/bzip2/template b/srcpkgs/bzip2/template
index c8cda9925ad..b54be5ee314 100644
--- a/srcpkgs/bzip2/template
+++ b/srcpkgs/bzip2/template
@@ -1,7 +1,7 @@
 # Template build file for 'bzip2'.
 pkgname=bzip2
 version=1.0.6
-revision=10
+revision=11
 bootstrap=yes
 homepage="http://www.bzip.org"
 distfiles="http://www.bzip.org/$version/$pkgname-$version.tar.gz"