diff --git a/zlib/trunk/PKGBUILD b/zlib/trunk/PKGBUILD
index 8a3d69ef..ef43d5a8 100644
--- a/zlib/trunk/PKGBUILD
+++ b/zlib/trunk/PKGBUILD
@@ -4,17 +4,19 @@ pkgbase=zlib
 pkgname=(zlib minizip)
 epoch=1
 pkgver=1.2.12
-pkgrel=2
+pkgrel=3
 arch=('x86_64')
 license=('custom')
 url="https://www.zlib.net/"
 depends=('glibc')
 options=('staticlibs')  # needed by binutils testsuite
 source=("https://zlib.net/zlib-${pkgver}.tar.gz"{,.asc}
-        $pkgname-handle-incorrect-crc-inputs.patch::https://github.com/madler/zlib/commit/ec3df00224d4.patch)
+        $pkgname-handle-incorrect-crc-inputs.patch::https://github.com/madler/zlib/commit/ec3df00224d4.patch
+        $pkgname-CVE-2022-37434.patch::https://github.com/madler/zlib/commit/eff308af42.patch)
 sha256sums=('91844808532e5ce316b3c010929493c0244f3d37593afd6de04f71821d5136d9'
             'SKIP'
-            '00e023c3ccb7b895ebb3421970b1b77f8a527b40190f35050b79fd0e817a7b0c')
+            '00e023c3ccb7b895ebb3421970b1b77f8a527b40190f35050b79fd0e817a7b0c'
+            '0bf4794975bd3be95f3f1d92cdf781a26c937d5c879b72939ae9cffbf6c430c7')
 validpgpkeys=('5ED46A6721D365587791E2AA783FCD8E58BCAFBA')
 
 prepare() {
@@ -23,6 +25,8 @@ prepare() {
 
 	# https://github.com/madler/zlib/issues/613
 	patch -Np1 -i ../$pkgname-handle-incorrect-crc-inputs.patch
+
+	patch -Np1 -i ../$pkgname-CVE-2022-37434.patch
 }
 
 build() {