diff --git a/unzip/trunk/PKGBUILD b/unzip/trunk/PKGBUILD
index 4596a56e40b..77e0ab95030 100644
--- a/unzip/trunk/PKGBUILD
+++ b/unzip/trunk/PKGBUILD
@@ -15,6 +15,7 @@ depends=('bzip2' 'bash')
 source=("https://downloads.sourceforge.net/infozip/${pkgname}${_pkgver}.tar.gz"
 'overflow-fsize.patch'
 'cve20149636.patch'
+ 'cve20181000035.patch'
 'test_compr_eb.patch'
 'getZip64Data.patch'
 'crc32.patch'
@@ -24,6 +25,7 @@ source=("https://downloads.sourceforge.net/infozip/${pkgname}${_pkgver}.tar.gz"
 sha1sums=('abf7de8a4018a983590ed6f5cbd990d4740f8a22'
 '2852ce1a9db8d646516f8828436a44d34785a0b3'
 'e8c0bc17c63eeed97ad62b86845d75c849bcf4f8'
+ 'dce0d22089aaaca044a306b052ecdfed35abd998'
 '614c3e7fa7d6da7c60ea2aa79e36f4cbd17c3824'
 '691d0751bf0bc98cf9f9889dee39baccabefdc4d'
 '82c9fe9172779a0ee92a187d544e74e8f512b013'
@@ -36,6 +38,7 @@ prepare() {
 sed -i "/MANDIR =/s#)/#)/share/#" unix/Makefile
 patch -p1 -i ../overflow-fsize.patch #FS#44171
 patch -p1 -i ../cve20149636.patch #FS#44171
+ patch -p1 -i ../cve20181000035.patch
 patch -i ../test_compr_eb.patch # FS#43391
 patch -i ../getZip64Data.patch # FS#43300
 patch -i ../crc32.patch # FS#43300
diff --git a/unzip/trunk/cve20181000035.patch b/unzip/trunk/cve20181000035.patch
new file mode 100644
index 00000000000..10ae0302f3a
--- /dev/null
+++ b/unzip/trunk/cve20181000035.patch
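Review bot: The checksum added in the second PKGBUILD hunk extends a `sha1sums` array, so the upstream tarball and each security patch listed there are pinned by SHA-1 alone, which no longer offers collision resistance. makepkg also accepts a `sha256sums` array; renaming the array and regenerating every entry would give the new CVE patch and the downloaded tarball a stronger integrity check. The array closes outside the hunk, so any further entries need the same treatment.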
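Review bot: The added `patch -p1 -i ../cve20181000035.patch` line in the PKGBUILD prepare() hunk carries no tracker reference, while every neighbouring patch line names its bug (`#FS#44171`, `# FS#43391`, `# FS#43300`). A trailing comment such as `# CVE-2018-1000035, https://bugs.debian.org/889838` would keep the provenance of the fix visible next to the command that applies it. prepare() continues outside the hunk.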
@@ -0,0 +1,35 @@
+From: Karol Babioch
+Subject: Fix buffer overflow in password protected zip archives
+Bug-Debian: https://bugs.debian.org/889838
+Origin: https://bugzilla.novell.com/attachment.cgi?id=759406
+
+--- a/fileio.c
++++ b/fileio.c
+@@ -1582,6 +1582,10 @@
+ int r = IZ_PW_ENTERED;
+ char *m;
+ char *prompt;
++ char *zfnf;
++ char *efnf;
++ size_t zfnfl;
++ int isOverflow;
+
+ #ifndef REENTRANT
+ /* tell picky compilers to shut up about "unused variable" warnings */
+@@ -1590,7 +1594,15 @@
+
+ if (*rcnt == 0) { /* First call for current entry */
+ *rcnt = 2;
+- if ((prompt = (char *)malloc(2*FILNAMSIZ + 15)) != (char *)NULL) {
++ zfnf = FnFilter1(zfn);
++ efnf = FnFilter2(efn);
++ zfnfl = strlen(zfnf);
++ isOverflow = TRUE;
++ if (2*FILNAMSIZ >= zfnfl && (2*FILNAMSIZ - zfnfl) >= strlen(efnf))
++ {
++ isOverflow = FALSE;
++ }
++ if ((isOverflow == FALSE) && ((prompt = (char *)malloc(2*FILNAMSIZ + 15)) != (char *)NULL)) {
+ sprintf(prompt, LoadFarString(PasswPrompt),
+ FnFilter1(zfn), FnFilter2(efn));
+ m = prompt;
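Review bot: The length guard in the second fileio.c hunk measures `zfnf` and `efnf`, but the unbounded `sprintf` that follows formats fresh `FnFilter1(zfn)` / `FnFilter2(efn)` results, so the strings that were checked are not the ones written; pass the measured pointers instead, `sprintf(prompt, LoadFarString(PasswPrompt), zfnf, efnf);`. The guard bounds only the two names at `2*FILNAMSIZ`, so the remaining `+ 15` has to cover the fixed text of `PasswPrompt` plus the terminator; that string is not visible here, and the dependency deserves a comment or an allocation sized from `strlen` of the format and both names. When `isOverflow` stays TRUE the code takes whatever branch follows this `if`, which lies outside the hunk, as does the start of the enclosing function.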