diff --git a/zlib/trunk/PKGBUILD b/zlib/trunk/PKGBUILD
index 8a3d69ef..ef24f7b1 100644
--- a/zlib/trunk/PKGBUILD
+++ b/zlib/trunk/PKGBUILD
@@ -4,17 +4,21 @@ pkgbase=zlib
 pkgname=(zlib minizip)
 epoch=1
 pkgver=1.2.12
-pkgrel=2
+pkgrel=3
 arch=('x86_64')
 license=('custom')
 url="https://www.zlib.net/"
 depends=('glibc')
 options=('staticlibs')  # needed by binutils testsuite
 source=("https://zlib.net/zlib-${pkgver}.tar.gz"{,.asc}
-        $pkgname-handle-incorrect-crc-inputs.patch::https://github.com/madler/zlib/commit/ec3df00224d4.patch)
+        $pkgname-handle-incorrect-crc-inputs.patch::https://github.com/madler/zlib/commit/ec3df00224d4.patch
+        $pkgname-CVE-2022-37434.patch::https://github.com/madler/zlib/commit/eff308af42.patch
+        $pkgname-CVE-2022-37434-fix.patch::https://github.com/madler/zlib/commit/1eb7682f84.patch)
 sha256sums=('91844808532e5ce316b3c010929493c0244f3d37593afd6de04f71821d5136d9'
             'SKIP'
-            '00e023c3ccb7b895ebb3421970b1b77f8a527b40190f35050b79fd0e817a7b0c')
+            '00e023c3ccb7b895ebb3421970b1b77f8a527b40190f35050b79fd0e817a7b0c'
+            '0bf4794975bd3be95f3f1d92cdf781a26c937d5c879b72939ae9cffbf6c430c7'
+            'db41b76fd40bdc77b26e9a202177cee807da5e7cf751e72298d62742c349057d')
 validpgpkeys=('5ED46A6721D365587791E2AA783FCD8E58BCAFBA')
 
 prepare() {
@@ -23,6 +27,9 @@ prepare() {
 
 	# https://github.com/madler/zlib/issues/613
 	patch -Np1 -i ../$pkgname-handle-incorrect-crc-inputs.patch
+
+	patch -Np1 -i ../$pkgname-CVE-2022-37434.patch
+	patch -Np1 -i ../$pkgname-CVE-2022-37434-fix.patch
 }
 
 build() {