--- PKGBUILD	2014-11-04 12:29:48.000000000 +0100
+++ PKGBUILD	2015-01-19 17:29:22.175752569 +0100
@@ -5,15 +5,17 @@
 
 pkgname=polarssl
 pkgver=1.3.9
-pkgrel=1
+pkgrel=2
 pkgdesc="Portable cryptographic and SSL/TLS library"
 arch=('i686' 'x86_64')
 url="https://www.polarssl.org/"
 license=('GPL2')
 source=("https://polarssl.org/download/polarssl-$pkgver-gpl.tgz"
-        "programs.makefile.patch")
+        "programs.makefile.patch"
+        "CVE-2015-1182.patch")
 sha1sums=('3462b4455e1443ac1a1007fbd69861ebfb5c5506'
-          '1e9e7d3dcdd6932b02d6dcabdf45041a3726f1be')
+          '1e9e7d3dcdd6932b02d6dcabdf45041a3726f1be'
+          '94317c4757063d006fb4e666b522b581326ba708')
 depends=('glibc')
 options=('staticlibs')
 
@@ -21,6 +23,11 @@
 # https://github.com/alucryd/aur-alucryd/blob/master/personal/polarssl/PKGBUILD
 # https://aur.archlinux.org/packages/po/polarssl-git/PKGBUILD
 
+prepare() {
+  cd "$pkgname-$pkgver"
+  patch -p1 -i "$srcdir/CVE-2015-1182.patch"
+}
+
 build() {
   cd "$pkgname-$pkgver"
   sed -i 's|//\(#define POLARSSL_THREADING_C\)|\1|' include/polarssl/config.h