diff --git a/SOURCES/advancecomp-1.15-CVE-2019-9210-integer-overflow-in-png_compress.patch b/SOURCES/advancecomp-1.15-CVE-2019-9210-integer-overflow-in-png_compress.patch
new file mode 100644
index 0000000..6ac6439
--- /dev/null
+++ b/SOURCES/advancecomp-1.15-CVE-2019-9210-integer-overflow-in-png_compress.patch
@@ -0,0 +1,15 @@
+diff -up advancecomp-1.15/lib/png.c.me advancecomp-1.15/lib/png.c
+--- advancecomp-1.15/lib/png.c.me	2019-06-11 13:17:33.265490986 +0200
++++ advancecomp-1.15/lib/png.c	2019-06-11 13:21:50.655818111 +0200
+@@ -656,6 +656,11 @@ adv_error adv_png_read_ihdr(
+ 	}
+ 	*pix_pixel = pixel;
+ 
++	if (width_align < width) {
++		error_unsupported_set("Invalid image size");
++		goto err;
++	}
++
+ 	if (data[10] != 0) { /* compression */
+ 		error_unsupported_set("Unsupported compression, %d instead of 0", (unsigned)data[10]);
+ 		goto err;
diff --git a/SPECS/advancecomp.spec b/SPECS/advancecomp.spec
index dc86cb8..3068853 100644
--- a/SPECS/advancecomp.spec
+++ b/SPECS/advancecomp.spec
@@ -1,13 +1,14 @@
 Summary: Recompression utilities for .PNG, .MNG and .ZIP files
 Name: advancecomp
 Version: 1.15
-Release: 21%{?dist}
+Release: 22%{?dist}
 License: GPLv2+
 Group: Applications/Emulators
 URL: http://advancemame.sourceforge.net/
 Source: http://downloads.sf.net/advancemame/advancecomp-%{version}.tar.gz
 Patch0: advancecomp-1.15-CVE-2019-8379.patch
 Patch1: advancecomp-1.15-CVE-2019-8383.patch
+Patch2: advancecomp-1.15-CVE-2019-9210-integer-overflow-in-png_compress.patch
 BuildRequires: zlib-devel
 
 %description
@@ -21,7 +22,7 @@ The main features are :
 %setup -q
 %patch0 -p1 -b .CVE-2019-8379
 %patch1 -p1 -b .CVE-2019-8383
-
+%patch2 -p1 -b .CVE-2019-9210-integer-overflow-in-png_compress
 
 %build
 %configure
@@ -40,6 +41,9 @@ make install DESTDIR=%{buildroot}
 
 
 %changelog
+* Mon Jul 29 2019 Than Ngo <than@redhat.com> - 1.15-22
+- Resolves: #1686115, integer overflow in png_compress
+
 * Fri May 17 2019 Than Ngo <than@redhat.com> - 1.15-21
 - Resolves: #1711051, CVE-2019-8383 denial of service
 - Resolves: #1710910, CVE-2019-8379 null pointer dereference