diff --git a/SOURCES/php-5.4.16-CVE-2017-7890.patch b/SOURCES/php-5.4.16-CVE-2017-7890.patch
new file mode 100644
index 0000000..968078c
--- /dev/null
+++ b/SOURCES/php-5.4.16-CVE-2017-7890.patch
@@ -0,0 +1,35 @@
+Adapted for 5.4.13
+With test removed (binary patch not handled)
+
+From 018092125538782b25d3ab6b036f0c8d5968f757 Mon Sep 17 00:00:00 2001
+From: "Christoph M. Becker" <cmbecker69@gmx.de>
+Date: Tue, 20 Jun 2017 16:45:42 +0200
+Subject: [PATCH] Fix #74435: Buffer over-read into uninitialized memory
+
+The stack allocated color map buffers were not zeroed before usage, and
+so undefined palette indexes could cause information leakage.
+---
+ ext/gd/libgd/gd_gif_in.c   |   3 +++
+ ext/gd/tests/bug74435.gif  | Bin 0 -> 11464 bytes
+ ext/gd/tests/bug74435.phpt |  27 +++++++++++++++++++++++++++
+ 3 files changed, 30 insertions(+)
+ create mode 100644 ext/gd/tests/bug74435.gif
+ create mode 100644 ext/gd/tests/bug74435.phpt
+
+diff --git a/ext/gd/libgd/gd_gif_in.c b/ext/gd/libgd/gd_gif_in.c
+index 74b7493..76ba152 100644
+--- a/ext/gd/libgd/gd_gif_in.c
++++ b/ext/gd/libgd/gd_gif_in.c
+@@ -147,6 +147,9 @@ gdImagePtr gdImageCreateFromGifCtx(gdIOCtxPtr fd) /* {{{ */
+ 	int haveGlobalColormap;
+ 	gdImagePtr im = 0;
+ 
++	memset(ColorMap, 0, 3 * MAXCOLORMAPSIZE);
++	memset(localColorMap, 0, 3 * MAXCOLORMAPSIZE);
++
+ 	/*1.4//imageNumber = 1; */
+ 	if (! ReadOK(fd,buf,6)) {
+ 		return 0;
+-- 
+2.1.4
+
diff --git a/SPECS/php.spec b/SPECS/php.spec
index 78d0082..ed42742 100644
--- a/SPECS/php.spec
+++ b/SPECS/php.spec
@@ -69,7 +69,7 @@
 Summary: PHP scripting language for creating dynamic web sites
 Name: php
 Version: 5.4.16
-Release: 43%{?dist}
+Release: 43%{?dist}.1
 # All files licensed under PHP version 3.01, except
 # Zend is licensed under Zend
 # TSRM is licensed under BSD
@@ -206,6 +206,7 @@ Patch158: php-5.4.16-CVE-2016-5768.patch
 Patch159: php-5.4.16-CVE-2016-5399.patch
 Patch160: php-5.4.16-CVE-2016-10167.patch
 Patch161: php-5.4.16-CVE-2016-10168.patch
+Patch162: php-5.4.16-CVE-2017-7890.patch
 
 
 BuildRequires: bzip2-devel, curl-devel >= 7.9, gmp-devel
@@ -781,6 +782,7 @@ support for using the enchant library to PHP.
 %patch159 -p1 -b .cve5399
 %patch160 -p1 -b .cve10167
 %patch161 -p1 -b .cve10168
+%patch162 -p1 -b .cve7890
 
 
 # Prevent %%doc confusion over LICENSE files
@@ -1552,6 +1554,9 @@ fi
 
 
 %changelog
+* Tue Jan 23 2018 Remi Collet <rcollet@redhat.com> - 5.4.16-43.1
+- gd: fix buffer over-read into uninitialized memory CVE-2017-7890
+
 * Wed Oct  4 2017 Remi Collet <rcollet@redhat.com> - 5.4.16-43
 - gd: fix DoS vulnerability in gdImageCreateFromGd2Ctx() CVE-2016-10167
 - gd: Signed Integer Overflow gd_io.c CVE-2016-10168