diff --git a/libtiff-CVE-2014-9655.patch b/libtiff-CVE-2014-9655.patch
new file mode 100644
index 0000000..de90114
--- /dev/null
+++ b/libtiff-CVE-2014-9655.patch
@@ -0,0 +1,34 @@
+commit 26d8e9052f2226508d076f390162afb04d737bec
+Author: erouault
+Date: Sat Dec 27 15:20:42 2014 +0000
+
+ * libtiff/tif_dir.c: in TIFFDefaultDirectory(), reset any already existing
+ extented tags installed by user code through the extender mechaninm before
+ calling the extender callback (GDAL #5054)
+
+diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
+index ab43a28..1a413df 100644
+--- a/libtiff/tif_dir.c
++++ b/libtiff/tif_dir.c
+@@ -1322,8 +1322,20 @@ TIFFDefaultDirectory(TIFF* tif)
+ tif->tif_tagmethods.printdir = NULL;
+ /*
+ * Give client code a chance to install their own
+- * tag extensions & methods, prior to compression overloads.
++ * tag extensions & methods, prior to compression overloads,
++ * but do some prior cleanup first. (http://trac.osgeo.org/gdal/ticket/5054)
+ */
++ if (tif->tif_nfieldscompat > 0) {
++ uint32 i;
++
++ for (i = 0; i < tif->tif_nfieldscompat; i++) {
++ if (tif->tif_fieldscompat[i].allocated_size)
++ _TIFFfree(tif->tif_fieldscompat[i].fields);
++ }
++ _TIFFfree(tif->tif_fieldscompat);
++ tif->tif_nfieldscompat = 0;
++ tif->tif_fieldscompat = NULL;
++ }
+ if (_TIFFextender)
+ (*_TIFFextender)(tif);
+ (void) TIFFSetField(tif, TIFFTAG_COMPRESSION, COMPRESSION_NONE);
diff --git a/mingw-libtiff.spec b/mingw-libtiff.spec
index a809e4e..af82b06 100644
--- a/mingw-libtiff.spec
+++ b/mingw-libtiff.spec
@@ -3,7 +3,7 @@
 Summary: MinGW Windows port of the LibTIFF library
 Name: mingw-libtiff
 Version: 4.0.3
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: libtiff
 Group: System Environment/Libraries
 URL: http://www.remotesensing.org/libtiff/
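Review bot: The cleanup block added before the `_TIFFextender` call in the embedded tif_dir.c hunk is explained only by a ticket URL, so a reader cannot tell from the code why the compat field arrays must be released at this point. I would state the invariant in the comment itself, for example `Release field arrays registered by an earlier extender call, so the callback starts from an empty tif_fieldscompat and never reuses stale entries.` The loop counter is declared `uint32 i;` and compared against `tif->tif_nfieldscompat`; if that member is a `size_t` (its declaration is not visible in this hunk), `size_t i;` would match its width. TIFFDefaultDirectory() starts and ends outside the hunk.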
@@ -19,6 +19,10 @@ Patch5: libtiff-CVE-2013-4232.patch
 Patch6: libtiff-CVE-2013-4244.patch
 Patch7: libtiff-CVE-2013-4243.patch
+# Also fixes CVE-2015-1547 according to
+# https://bugzilla.redhat.com/show_bug.cgi?id=1190709#c3
+Patch8: libtiff-CVE-2014-9655.patch
+
 BuildArch: noarch
 BuildRequires: mingw32-zlib
@@ -102,6 +106,7 @@ Static version of the MinGW Windows LibTIFF library.
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1
 %build
@@ -158,6 +163,9 @@ find $RPM_BUILD_ROOT -name "*.la" -delete
 %changelog
+* Fri Apr 24 2015 Erik van Pienbroek - 4.0.3-6
+- Fix CVE-2014-9655 and CVE-2015-1547 (RHBZ #1190712)
+
 * Sat Jun 07 2014 Fedora Release Engineering - 4.0.3-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
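Review bot: The comment above `Patch8` ties the patch to CVE-2015-1547 only through a Bugzilla link, and the commit message embedded in the patch file names neither CVE, so the coverage claimed in the filename and changelog cannot be checked from the package alone. I would record the upstream commit in the spec comment, e.g. `# Upstream commit 26d8e9052f2226508d076f390162afb04d737bec (tif_dir.c: reset extender tags)`. It is also worth confirming that this one commit is the complete upstream fix for both CVEs and not one of several; if more commits are needed, the changelog line should say which part is carried here.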