diff --git a/SOURCES/ImageMagick-cve-2016-5118.patch b/SOURCES/ImageMagick-cve-2016-5118.patch
new file mode 100644
index 0000000..ad6375b
--- /dev/null
+++ b/SOURCES/ImageMagick-cve-2016-5118.patch
@@ -0,0 +1,11 @@
+diff -up ImageMagick-6.7.8-9/magick/blob.c.cve-2016-5118 ImageMagick-6.7.8-9/magick/blob.c
+--- ImageMagick-6.7.8-9/magick/blob.c.cve-2016-5118 2016-06-02 11:11:35.681242509 +0200
++++ ImageMagick-6.7.8-9/magick/blob.c 2016-06-02 11:34:57.707081030 +0200
+@@ -91,6 +91,7 @@
+ #define _O_BINARY O_BINARY
+ #endif
+
++#undef MAGICKCORE_HAVE_POPEN
+ /*
+ Typedef declarations.
+ */
diff --git a/SOURCES/ImageMagick-cve-2016-5240.patch b/SOURCES/ImageMagick-cve-2016-5240.patch
new file mode 100644
index 0000000..9abb99f
--- /dev/null
+++ b/SOURCES/ImageMagick-cve-2016-5240.patch
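Review bot: The added `#undef MAGICKCORE_HAVE_POPEN` in magick/blob.c carries no comment, so a later rebase could drop it without anyone noticing that it is the CVE-2016-5118 mitigation. It also only affects this one translation unit, and only code that follows the `#undef`; whether any other file in this tree tests the macro is not visible here and is worth confirming. I would add `/* CVE-2016-5118: compile out popen()-backed blob I/O; do not remove */` directly above the line.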
@@ -0,0 +1,47 @@
+diff -up ImageMagick-6.7.8-9/magick/draw.c.svg-endless-loop ImageMagick-6.7.8-9/magick/draw.c
+--- ImageMagick-6.7.8-9/magick/draw.c.svg-endless-loop 2012-07-30 14:28:56.000000000 +0200
++++ ImageMagick-6.7.8-9/magick/draw.c 2016-06-03 13:54:20.337142553 +0200
+@@ -1569,7 +1569,7 @@ static MagickBooleanType DrawDashPolygon
+ status=MagickTrue;
+ maximum_length=0.0;
+ total_length=0.0;
+- for (i=1; i < (ssize_t) number_vertices; i++)
++ for (i=1; (i < (ssize_t) number_vertices) && (length >= 0.0); i++)
+ {
+ dx=primitive_info[i].point.x-primitive_info[i-1].point.x;
+ dy=primitive_info[i].point.y-primitive_info[i-1].point.y;
+@@ -1581,7 +1581,7 @@ static MagickBooleanType DrawDashPolygon
+ n=0;
+ length=scale*(draw_info->dash_pattern[n]+(n == 0 ? -0.5 : 0.5));
+ }
+- for (total_length=0.0; (total_length+length) <= maximum_length; )
++ for (total_length=0.0; (length >= 0.0) && (total_length+length) <= maximum_length; )
+ {
+ total_length+=length;
+ if ((n & 0x01) != 0)
+@@ -2561,9 +2561,7 @@ MagickExport MagickBooleanType DrawImage
+ }
+ if (LocaleCompare("stroke-dasharray",keyword) == 0)
+ {
+- if (graphic_context[n]->dash_pattern != (double *) NULL)
+- graphic_context[n]->dash_pattern=(double *)
+- RelinquishMagickMemory(graphic_context[n]->dash_pattern);
++ graphic_context[n]->dash_pattern = RelinquishMagickMemory(graphic_context[n]->dash_pattern);
+ if (IsPoint(q) != MagickFalse)
+ {
+ const char
+@@ -2596,7 +2594,14 @@ MagickExport MagickBooleanType DrawImage
+ GetMagickToken(q,&q,token);
+ graphic_context[n]->dash_pattern[j]=StringToDouble(token,
+ (char **) NULL);
++ if (graphic_context[n]->dash_pattern[j] < 0.0)
++ status=MagickFalse;
+ }
++ if (status == MagickFalse)
++ {
++ graphic_context[n]->dash_pattern = RelinquishMagickMemory(graphic_context[n]->dash_pattern);
++ break;
++ }
+ if ((x & 0x01) != 0)
+ for ( ; j < (2*x); j++)
+ graphic_context[n]->dash_pattern[j]=
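Review bot: The new validation in the DrawImage hunk, `if (graphic_context[n]->dash_pattern[j] < 0.0)`, lets a NaN through because every ordered comparison with NaN is false; whether StringToDouble can return NaN for a token is not visible here, so treat this as a hardening point. Writing the test as `if (!(graphic_context[n]->dash_pattern[j] >= 0.0))` rejects negative and NaN values alike. The `length >= 0.0` guards added to both loops in DrawDashPolygon end the loop without any visible error report, so a comment such as `/* negative dash length: stop instead of looping forever (CVE-2016-5240) */` would tell the next reader why the condition is there. The construct that the new `break` leaves starts outside the hunk.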
diff --git a/SOURCES/ImageMagick-gnuplot-delegate-remove.diff b/SOURCES/ImageMagick-gnuplot-delegate-remove.diff
new file mode 100644
index 0000000..edc339b
--- /dev/null
+++ b/SOURCES/ImageMagick-gnuplot-delegate-remove.diff
@@ -0,0 +1,141 @@ +diff -up ImageMagick-6.7.8-9/config/delegates.xml.in.gnuplot-delegate-remove ImageMagick-6.7.8-9/config/delegates.xml.in +--- ImageMagick-6.7.8-9/config/delegates.xml.in.gnuplot-delegate-remove 2016-06-02 13:46:27.392910453 +0200 ++++ ImageMagick-6.7.8-9/config/delegates.xml.in 2016-06-02 13:52:15.161907901 +0200 +@@ -80,7 +80,6 @@ + + + +- + + + +diff -up ImageMagick-6.7.8-9/configure.ac.gnuplot-delegate-remove ImageMagick-6.7.8-9/configure.ac +--- ImageMagick-6.7.8-9/configure.ac.gnuplot-delegate-remove 2012-08-05 17:58:14.000000000 +0200 ++++ ImageMagick-6.7.8-9/configure.ac 2016-06-02 13:48:27.359909573 +0200 +@@ -3055,7 +3055,6 @@ FIGDecodeDelegateDefault='fig2dev' + ConvertDelegateDefault=`echo convert | sed ${configure_transform_name}` + DisplayDelegateDefault=`echo display | sed ${configure_transform_name}` + MogrifyDelegateDefault=`echo mogrify | sed ${configure_transform_name}` +-GnuplotDecodeDelegateDefault='gnuplot' + HPGLDecodeDelegateDefault='hp2xx' + HTMLDecodeDelegateDefault='html2ps' + ILBMDecodeDelegateDefault='ilbmtoppm' +@@ -3107,7 +3106,6 @@ AC_PATH_PROG(FIGDecodeDelegate, "$FIGDec + AC_PATH_PROG(ConvertDelegate, "$ConvertDelegateDefault", "$ConvertDelegateDefault") + AC_PATH_PROG(DisplayDelegate, "$DisplayDelegateDefault", "$DisplayDelegateDefault") + AC_PATH_PROG(MogrifyDelegate, "$MogrifyDelegateDefault", "$MogrifyDelegateDefault") +-AC_PATH_PROG(GnuplotDecodeDelegate, "$GnuplotDecodeDelegateDefault", "$GnuplotDecodeDelegateDefault") + AC_PATH_PROG(HPGLDecodeDelegate, "$HPGLDecodeDelegateDefault", "$HPGLDecodeDelegateDefault") + AC_PATH_PROG(HTMLDecodeDelegate, "$HTMLDecodeDelegateDefault", "$HTMLDecodeDelegateDefault") + AC_PATH_PROG(ILBMDecodeDelegate, "$ILBMDecodeDelegateDefault", "$ILBMDecodeDelegateDefault") +@@ -3273,7 +3271,6 @@ if test "$with_frozenpaths" != 'yes'; th + EchoDelegate="$EchoDelegateDefault" + EditorDelegate="$EditorDelegateDefault" + FIGDecodeDelegate="$FIGDecodeDelegateDefault" +- 
GnuplotDecodeDelegate="$GnuplotDecodeDelegateDefault" + HPGLDecodeDelegate="$HPGLDecodeDelegateDefault" + HTMLDecodeDelegate="$HTMLDecodeDelegateDefault" + ILBMDecodeDelegate="$ILBMDecodeDelegateDefault" +@@ -3318,7 +3315,6 @@ AC_SUBST(DVIDecodeDelegate) + AC_SUBST(EchoDelegate) + AC_SUBST(EditorDelegate) + AC_SUBST(FIGDecodeDelegate) +-AC_SUBST(GnuplotDecodeDelegate) + AC_SUBST(HPGLDecodeDelegate) + AC_SUBST(HTMLDecodeDelegate) + AC_SUBST(ILBMDecodeDelegate) +diff -up ImageMagick-6.7.8-9/configure.gnuplot-delegate-remove ImageMagick-6.7.8-9/configure +--- ImageMagick-6.7.8-9/configure.gnuplot-delegate-remove 2016-06-02 13:46:27.368910453 +0200 ++++ ImageMagick-6.7.8-9/configure 2016-06-02 13:50:26.856908696 +0200 +@@ -725,7 +725,6 @@ ILBMEncodeDelegate + ILBMDecodeDelegate + HTMLDecodeDelegate + HPGLDecodeDelegate +-GnuplotDecodeDelegate + MogrifyDelegate + DisplayDelegate + ConvertDelegate +@@ -32794,7 +32793,6 @@ FIGDecodeDelegateDefault='fig2dev' + ConvertDelegateDefault=`echo convert | sed ${configure_transform_name}` + DisplayDelegateDefault=`echo display | sed ${configure_transform_name}` + MogrifyDelegateDefault=`echo mogrify | sed ${configure_transform_name}` +-GnuplotDecodeDelegateDefault='gnuplot' + HPGLDecodeDelegateDefault='hp2xx' + HTMLDecodeDelegateDefault='html2ps' + ILBMDecodeDelegateDefault='ilbmtoppm' +@@ -33445,48 +33443,6 @@ else + $as_echo "no" >&6; } + fi + +- +-# Extract the first word of ""$GnuplotDecodeDelegateDefault"", so it can be a program name with args. +-set dummy "$GnuplotDecodeDelegateDefault"; ac_word=$2 +-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +-$as_echo_n "checking for $ac_word... " >&6; } +-if ${ac_cv_path_GnuplotDecodeDelegate+:} false; then : +- $as_echo_n "(cached) " >&6 +-else +- case $GnuplotDecodeDelegate in +- [\\/]* | ?:[\\/]*) +- ac_cv_path_GnuplotDecodeDelegate="$GnuplotDecodeDelegate" # Let the user override the test with a path. 
+- ;; +- *) +- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +-for as_dir in $PATH +-do +- IFS=$as_save_IFS +- test -z "$as_dir" && as_dir=. +- for ac_exec_ext in '' $ac_executable_extensions; do +- if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then +- ac_cv_path_GnuplotDecodeDelegate="$as_dir/$ac_word$ac_exec_ext" +- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 +- break 2 +- fi +-done +- done +-IFS=$as_save_IFS +- +- test -z "$ac_cv_path_GnuplotDecodeDelegate" && ac_cv_path_GnuplotDecodeDelegate=""$GnuplotDecodeDelegateDefault"" +- ;; +-esac +-fi +-GnuplotDecodeDelegate=$ac_cv_path_GnuplotDecodeDelegate +-if test -n "$GnuplotDecodeDelegate"; then +- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $GnuplotDecodeDelegate" >&5 +-$as_echo "$GnuplotDecodeDelegate" >&6; } +-else +- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +-$as_echo "no" >&6; } +-fi +- +- + # Extract the first word of ""$HPGLDecodeDelegateDefault"", so it can be a program name with args. 
+ set dummy "$HPGLDecodeDelegateDefault"; ac_word=$2 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +@@ -34783,7 +34739,6 @@ if test "$with_frozenpaths" != 'yes'; th + EchoDelegate="$EchoDelegateDefault" + EditorDelegate="$EditorDelegateDefault" + FIGDecodeDelegate="$FIGDecodeDelegateDefault" +- GnuplotDecodeDelegate="$GnuplotDecodeDelegateDefault" + HPGLDecodeDelegate="$HPGLDecodeDelegateDefault" + HTMLDecodeDelegate="$HTMLDecodeDelegateDefault" + ILBMDecodeDelegate="$ILBMDecodeDelegateDefault" +@@ -34819,7 +34774,6 @@ fi + + + +- + + + +diff -up ImageMagick-6.7.8-9/Makefile.in.gnuplot-delegate-remove ImageMagick-6.7.8-9/Makefile.in +--- ImageMagick-6.7.8-9/Makefile.in.gnuplot-delegate-remove 2012-08-10 14:41:20.000000000 +0200 ++++ ImageMagick-6.7.8-9/Makefile.in 2016-06-02 13:46:27.392910453 +0200 +@@ -2534,7 +2534,6 @@ GS_LIBS = @GS_LIBS@ + GVCDecodeDelegate = @GVCDecodeDelegate@ + GVC_CFLAGS = @GVC_CFLAGS@ + GVC_LIBS = @GVC_LIBS@ +-GnuplotDecodeDelegate = @GnuplotDecodeDelegate@ + HPGLDecodeDelegate = @HPGLDecodeDelegate@ + HTMLDecodeDelegate = @HTMLDecodeDelegate@ + ILBMDecodeDelegate = @ILBMDecodeDelegate@ diff --git a/SOURCES/ImageMagick-icon-mem.patch b/SOURCES/ImageMagick-icon-mem.patch new file mode 100644 index 0000000..a2d2a62 --- /dev/null +++ b/SOURCES/ImageMagick-icon-mem.patch 
@@ -0,0 +1,12 @@
+diff -up ImageMagick-6.7.8-9/coders/icon.c.icon-mem ImageMagick-6.7.8-9/coders/icon.c
+--- ImageMagick-6.7.8-9/coders/icon.c.icon-mem 2012-07-17 21:11:28.000000000 +0200
++++ ImageMagick-6.7.8-9/coders/icon.c 2016-06-02 16:18:24.366200378 +0200
+@@ -277,6 +277,8 @@ static Image *ReadICONImage(const ImageI
+ Icon image encoded as a compressed PNG image.
+ */
+ length=icon_file.directory[i].size;
++ if (~length < 16)
++ ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
+ png=(unsigned char *) AcquireQuantumMemory(length+16,sizeof(*png));
+ if (png == (unsigned char *) NULL)
+ ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
diff --git a/SOURCES/ImageMagick-null-pointer-access.patch b/SOURCES/ImageMagick-null-pointer-access.patch
new file mode 100644
index 0000000..b92df43
--- /dev/null
+++ b/SOURCES/ImageMagick-null-pointer-access.patch
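Review bot: The new guard `if (~length < 16)` only rejects a `length` for which `length+16` would wrap; a large but non-wrapping `icon_file.directory[i].size`, which comes from the file being read, still reaches AcquireQuantumMemory unchanged. The declaration of `length` is outside the hunk, and the idiom is only correct if it is an unsigned type, which should be confirmed. I would add `/* reject sizes where length+16 would wrap around */` above the test and consider also rejecting a directory size larger than the blob itself, for example by comparing against GetBlobSize(image).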
@@ -0,0 +1,34 @@
+diff -up ImageMagick-6.7.8-9/magick/constitute.c.null-pointer-access ImageMagick-6.7.8-9/magick/constitute.c
+--- ImageMagick-6.7.8-9/magick/constitute.c.null-pointer-access 2012-07-29 22:26:50.000000000 +0200
++++ ImageMagick-6.7.8-9/magick/constitute.c 2016-06-02 17:32:26.990718329 +0200
+@@ -1324,7 +1324,7 @@ MagickExport MagickBooleanType WriteImag
+ status;
+
+ register Image
+- *p;
++ *p, *next_p;
+
+ assert(image_info != (const ImageInfo *) NULL);
+ assert(image_info->signature == MagickSignature);
+@@ -1349,8 +1349,11 @@ MagickExport MagickBooleanType WriteImag
+ sans_exception);
+ sans_exception=DestroyExceptionInfo(sans_exception);
+ p=images;
+- for ( ; GetNextImageInList(p) != (Image *) NULL; p=GetNextImageInList(p))
+- if (p->scene >= GetNextImageInList(p)->scene)
++ for ( ; GetNextImageInList(p) != (Image *) NULL; p=GetNextImageInList(p)) {
++ next_p = GetNextImageInList(p);
++ if (next_p == (Image *) NULL)
++ break;
++ if (p->scene >= next_p->scene)
+ {
+ register ssize_t
+ i;
+@@ -1363,6 +1366,7 @@ MagickExport MagickBooleanType WriteImag
+ p->scene=(size_t) i++;
+ break;
+ }
++ }
+ /*
+ Write images.
+ */
diff --git a/SOURCES/ImageMagick-pict-doublefree.patch b/SOURCES/ImageMagick-pict-doublefree.patch
new file mode 100644
index 0000000..ff744ae
--- /dev/null
+++ b/SOURCES/ImageMagick-pict-doublefree.patch
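Review bot: The added `if (next_p == (Image *) NULL) break;` cannot fire as written, because the loop condition `GetNextImageInList(p) != (Image *) NULL` has just been evaluated on the same `p`; the loop now calls GetNextImageInList three times per iteration where one would do. Folding the lookup into the loop header keeps a single source of truth: `for (next_p=GetNextImageInList(p); next_p != (Image *) NULL; p=next_p, next_p=GetNextImageInList(p))`. If the crash this patch targets comes from `images` itself being NULL or from the list changing between calls, the visible lines do not show either case being handled. The body of the function starts and ends outside the hunks.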
@@ -0,0 +1,44 @@
+From 0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734 Mon Sep 17 00:00:00 2001
+From: cristy
+Date: Sat, 30 May 2015 00:49:11 +0000
+Subject: [PATCH]
+
+diff --git a/coders/pict.c b/coders/pict.c
+index 4f51eb3..027119d 100644
+--- a/coders/pict.c
++++ b/coders/pict.c
+@@ -1637,6 +1637,7 @@ static MagickBooleanType WritePICTImage(const ImageInfo *image_info,
+ size_t
+ bytes_per_line,
+ count,
++ row_bytes,
+ storage_class;
+
+ ssize_t
+@@ -1649,7 +1650,6 @@ static MagickBooleanType WritePICTImage(const ImageInfo *image_info,
+
+ unsigned short
+ base_address,
+- row_bytes,
+ transfer_mode;
+
+ /*
+@@ -1681,7 +1681,7 @@ static MagickBooleanType WritePICTImage(const ImageInfo *image_info,
+ source_rectangle=size_rectangle;
+ destination_rectangle=size_rectangle;
+ base_address=0xff;
+- row_bytes=(unsigned short) (image->columns | 0x8000);
++ row_bytes=image->columns;
+ bounds.top=0;
+ bounds.left=0;
+ bounds.bottom=(short) image->rows;
+@@ -1711,7 +1711,7 @@ static MagickBooleanType WritePICTImage(const ImageInfo *image_info,
+ pixmap.bits_per_pixel=32;
+ pixmap.pack_type=0x04;
+ transfer_mode=0x40;
+- row_bytes=(unsigned short) ((4*image->columns) | 0x8000);
++ row_bytes=4*image->columns;
+ }
+ /*
+ Allocate memory.
+
diff --git a/SOURCES/ImageMagick-splice-crash.patch b/SOURCES/ImageMagick-splice-crash.patch
new file mode 100644
index 0000000..9b6a59f
--- /dev/null
+++ b/SOURCES/ImageMagick-splice-crash.patch
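Review bot: With `row_bytes` moved from `unsigned short` to `size_t` and the `| 0x8000` flag removed at both assignments, nothing in the visible hunks re-applies that flag or limits the value to the 16 bits the old type implied. The places where WritePICTImage writes `row_bytes` to the output are outside the hunks, so confirm they emit `(unsigned short) (row_bytes | 0x8000)` and that an image whose `4*image->columns` exceeds 0x7fff is rejected rather than silently truncated. The embedded patch also has an empty `Subject: [PATCH]` line; a one-line description of what the type change fixes would make it reviewable next to the `.pict-doublefree` name used in the spec.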
@@ -0,0 +1,69 @@
+diff -up ImageMagick-6.7.8-9/magick/transform.c.splice-crash ImageMagick-6.7.8-9/magick/transform.c
+--- ImageMagick-6.7.8-9/magick/transform.c.splice-crash 2012-06-20 15:03:21.000000000 +0200
++++ ImageMagick-6.7.8-9/magick/transform.c 2016-06-02 17:40:43.860641940 +0200
+@@ -65,6 +65,7 @@
+ #include "magick/string_.h"
+ #include "magick/thread-private.h"
+ #include "magick/transform.h"
++#define MagickMin(x,y) (((x) < (y)) ? (x) : (y))
+
+ /*
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+@@ -1646,6 +1647,7 @@ MagickExport Image *SpliceImage(const Im
+ splice_geometry;
+
+ ssize_t
++ columns,
+ y;
+
+ /*
+@@ -1730,6 +1732,7 @@ MagickExport Image *SpliceImage(const Im
+ */
+ status=MagickTrue;
+ progress=0;
++ columns=MagickMin(splice_geometry.x,(ssize_t) splice_image->columns);
+ image_view=AcquireVirtualCacheView(image,exception);
+ splice_view=AcquireAuthenticCacheView(splice_image,exception);
+ #if defined(MAGICKCORE_OPENMP_SUPPORT)
+@@ -1753,7 +1756,8 @@ MagickExport Image *SpliceImage(const Im
+
+ if (status == MagickFalse)
+ continue;
+- p=GetCacheViewVirtualPixels(image_view,0,y,image->columns,1,exception);
++ p=GetCacheViewVirtualPixels(image_view,0,y,splice_image->columns,1,
++ exception);
+ q=QueueCacheViewAuthenticPixels(splice_view,0,y,splice_image->columns,1,
+ exception);
+ if ((p == (const PixelPacket *) NULL) || (q == (PixelPacket *) NULL))
+@@ -1763,7 +1767,7 @@ MagickExport Image *SpliceImage(const Im
+ }
+ indexes=GetCacheViewAuthenticIndexQueue(image_view);
+ splice_indexes=GetCacheViewAuthenticIndexQueue(splice_view);
+- for (x=0; x < splice_geometry.x; x++)
++ for (x=0; x < columns; x++)
+ {
+ SetPixelRed(q,GetPixelRed(p));
+ SetPixelGreen(q,GetPixelGreen(p));
+@@ -1833,10 +1837,10 @@ MagickExport Image *SpliceImage(const Im
+
+ if (status == MagickFalse)
+ continue;
+- p=GetCacheViewVirtualPixels(image_view,0,y-(ssize_t) splice_geometry.height,
+- image->columns,1,exception);
+- if ((y < 0) || (y >= (ssize_t) splice_image->rows))
++ if ((y < 0) || (y >= (ssize_t)splice_image->rows))
+ continue;
++ p=GetCacheViewVirtualPixels(image_view,0,y-(ssize_t) splice_geometry.height,
++ splice_image->columns,1,exception);
+ q=QueueCacheViewAuthenticPixels(splice_view,0,y,splice_image->columns,1,
+ exception);
+ if ((p == (const PixelPacket *) NULL) || (q == (PixelPacket *) NULL))
+@@ -1846,7 +1850,7 @@ MagickExport Image *SpliceImage(const Im
+ }
+ indexes=GetCacheViewAuthenticIndexQueue(image_view);
+ splice_indexes=GetCacheViewAuthenticIndexQueue(splice_view);
+- for (x=0; x < splice_geometry.x; x++)
++ for (x=0; x < columns; x++)
+ {
+ SetPixelRed(q,GetPixelRed(p));
+ SetPixelGreen(q,GetPixelGreen(p));
diff --git a/SPECS/ImageMagick.spec b/SPECS/ImageMagick.spec
index b403e64..80c28e3 100644
--- a/SPECS/ImageMagick.spec
+++ b/SPECS/ImageMagick.spec
@@ -3,7 +3,7 @@ Name: ImageMagick Version: %{VER}.%{Patchlevel} -Release: 13%{?dist} +Release: 15%{?dist} Summary: An X application for displaying and manipulating images Group: Applications/Multimedia License: ImageMagick
@@ -14,6 +14,13 @@ Patch0: 0001-Fix-man-page-scan-results.patch Patch1: 0001-Fix-CVE-2014-1947-CVE-2014-2030.patch Patch2: 0002-1303227-fix-exr-crash.patch Patch3: ImageMagick-cve-2016-3717.patch +Patch4: ImageMagick-cve-2016-5118.patch +Patch5: ImageMagick-pict-doublefree.patch +Patch6: ImageMagick-gnuplot-delegate-remove.diff +Patch7: ImageMagick-icon-mem.patch +Patch8: ImageMagick-splice-crash.patch +Patch9: ImageMagick-null-pointer-access.patch +Patch10: ImageMagick-cve-2016-5240.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: bzip2-devel, freetype-devel, libjpeg-devel, libpng-devel
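Review bot: The `#define MagickMin(x,y)` added after the includes in magick/transform.c is unguarded, so it can clash with a macro of the same name if any included header provides one, and as a function-like macro it evaluates its arguments twice. Wrapping it as `#ifndef MagickMin`, then the existing `#define` line, then `#endif` avoids the redefinition. Only the first inner loop of each block is clamped to `columns`; the loops that follow inside SpliceImage are outside the hunks and may still use `splice_geometry.x` and `splice_geometry.width` as bounds, so they should be checked against `splice_image->columns` as well.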
@@ -131,6 +138,13 @@ cp -p Magick++/demo/*.cpp Magick++/demo/*.miff Magick++/examples %patch1 -p1 %patch2 -p1 %patch3 -p1 -z .cve-2016-3717 +%patch4 -p1 -b .cve-2016-5118 +%patch5 -p1 -b .pict-doublefree +%patch6 -p1 -b .gnuplot-delegate-remove +%patch7 -p1 -b .icon-mem +%patch8 -p1 -b .splice-crash +%patch9 -p1 -b .null-pointer-access +%patch10 -p1 -b .cve-2016-5240 %build %configure --enable-shared \ @@ -285,6 +299,10 @@ rm -rf %{buildroot} %doc PerlMagick/demo/ PerlMagick/Changelog PerlMagick/README.txt %changelog +* Thu Jun 2 2016 Jan Horak - 6.7.8.9-15 +- Added fix for CVE-2016-5118, CVE-2016-5240, rhbz#1269562, + rhbz#1326834, rhbz#1334188, rhbz#1269553 + * Thu May 5 2016 Jan Horak - 6.7.8.9-13 - Add fix for CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717