diff --git a/.gitignore b/.gitignore
index f599f43..d37eb08 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,3 @@
-SOURCES/nginx-1.8.0.tar.gz
+SOURCES/nginx-1.8.1.tar.gz
 SOURCES/passenger-4.0.50.tar.gz
 SOURCES/poweredby.png
diff --git a/.rh-nginx18-nginx.metadata b/.rh-nginx18-nginx.metadata
index 93280d4..4d103ba 100644
--- a/.rh-nginx18-nginx.metadata
+++ b/.rh-nginx18-nginx.metadata
@@ -1,3 +1,3 @@
-12bad312764feae50246685ab2e74512d1aa9b2f SOURCES/nginx-1.8.0.tar.gz
+a99dc2ee4c60e3134891cd13c111f42901252c2b SOURCES/nginx-1.8.1.tar.gz
 f85204d0f21147e8ca2e2313b5bddaebd6ca0b21 SOURCES/passenger-4.0.50.tar.gz
 2ec82988cd0d9b1304c95a16b28eff70f0f69abc SOURCES/poweredby.png
diff --git a/SOURCES/nginx-1.8.1-CVE-2016-4450.patch b/SOURCES/nginx-1.8.1-CVE-2016-4450.patch
new file mode 100644
index 0000000..47928a4
--- /dev/null
+++ b/SOURCES/nginx-1.8.1-CVE-2016-4450.patch
@@ -0,0 +1,21 @@
+
+https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4450
+
+http://nginx.org/download/patch.2016.write2.txt
+
+diff -uap nginx-1.8.1/src/os/unix/ngx_files.c.cve4450 nginx-1.8.1/src/os/unix/ngx_files.c
+--- nginx-1.8.1/src/os/unix/ngx_files.c.cve4450
++++ nginx-1.8.1/src/os/unix/ngx_files.c
+@@ -292,6 +292,12 @@ ngx_write_chain_to_file(ngx_file_t *file
+         /* create the iovec and coalesce the neighbouring bufs */
+ 
+         while (cl && vec.nelts < IOV_MAX) {
++
++            if (ngx_buf_special(cl->buf)) {
++                cl = cl->next;
++                continue;
++            }
++
+             if (prev == cl->buf->pos) {
+                 iov->iov_len += cl->buf->last - cl->buf->pos;
+ 
diff --git a/SPECS/nginx.spec b/SPECS/nginx.spec
index a017e01..6de887e 100644
--- a/SPECS/nginx.spec
+++ b/SPECS/nginx.spec
@@ -26,8 +26,8 @@
 
 Name:              %{?scl:%scl_prefix}nginx
 Epoch:             1
-Version:           1.8.0
-Release:           4%{?dist}
+Version:           1.8.1
+Release:           1%{?dist}
 
 Summary:           A high performance web server and reverse proxy server
 Group:             System Environment/Daemons
@@ -54,6 +54,8 @@ Source104:         50x.html
 # removes -Werror in upstream build scripts.  -Werror conflicts with
 # -D_FORTIFY_SOURCE=2 causing warnings to turn into errors.
 Patch0:            nginx-auto-cc-gcc.patch
+Patch1:            nginx-1.8.1-CVE-2016-4450.patch
+
 # Build Passenger against Fedora's (renamed) libeio
 Patch200:          passenger-4.0.38-libeio.patch
 # Fix passenger building with nginx-1.8.0
@@ -122,6 +124,7 @@ memory usage.
 %prep
 %setup -q -n nginx-%{version}
 %patch0 -p0
+%patch1 -p1 -b .cve4450
 
 %if 0%{?with_passenger}
 tar -xf %{SOURCE1}
@@ -498,6 +501,10 @@ fi
 %{?scl: %{_scl_scripts}/deregister.d/*}
 
 %changelog
+* Mon Jun 20 2016 Joe Orton <jorton@redhat.com> - 1:1.8.1-1
+- update to 1.8.1 (CVE-2016-0742 CVE-2016-0746 CVE-2016-0747)
+- add security fix for CVE-2016-4450
+
 * Fri Nov 13 2015 Jan Kaluza <jkaluza@redhat.com> - 1:1.8.0-4
 - fix SELinux context of /var/opt and /etc/opt directories (#1280221)