diff --git a/SOURCES/zlib-1.2.7-Fix-bug-where-gzopen-gzclose-would-write-an-empty-fi.patch b/SOURCES/zlib-1.2.7-Fix-bug-where-gzopen-gzclose-would-write-an-empty-fi.patch
new file mode 100644
index 0000000..bf12e3d
--- /dev/null
+++ b/SOURCES/zlib-1.2.7-Fix-bug-where-gzopen-gzclose-would-write-an-empty-fi.patch
@@ -0,0 +1,43 @@
+From 0cf495a1ca941428c0b11e2307cad760ae44993e Mon Sep 17 00:00:00 2001
+From: Mark Adler
+Date: Sat, 29 Sep 2012 22:23:47 -0700
+Subject: [PATCH] Fix bug where gzopen(), gzclose() would write an empty file.
+
+A gzopen() to write (mode "w") followed immediately by a gzclose()
+would output an empty zero-length file. What it should do is write
+an empty gzip file, with the gzip header, empty deflate content,
+and gzip trailer totalling 20 bytes. This fixes it to do that.
+---
+ gzwrite.c | 15 +++++++--------
+ 1 file changed, 7 insertions(+), 8 deletions(-)
+
+diff --git a/gzwrite.c b/gzwrite.c
+index f53aace..79a69a5 100644
+--- a/gzwrite.c
++++ b/gzwrite.c
+@@ -554,15 +554,14 @@ int ZEXPORT gzclose_w(file)
+ }
+
+ /* flush, free memory, and close file */
+- if (state->size) {
+- if (gz_comp(state, Z_FINISH) == -1)
+- ret = state->err;
+- if (!state->direct) {
+- (void)deflateEnd(&(state->strm));
+- free(state->out);
+- }
+- free(state->in);
++ if (gz_comp(state, Z_FINISH) == -1)
++ ret = state->err;
++ if (!state->direct) {
++ (void)deflateEnd(&(state->strm));
++ free(state->out);
+ }
++ if (state->size)
++ free(state->in);
+ gz_error(state, Z_OK, NULL);
+ free(state->path);
+ if (close(state->fd) == -1)
+--
+1.9.3
+
diff --git a/SOURCES/zlib-1.2.7-fix-serious-but-very-rare-decompression-bug-in-inftr.patch b/SOURCES/zlib-1.2.7-fix-serious-but-very-rare-decompression-bug-in-inftr.patch
new file mode 100644
index 0000000..0f2e2b1
--- /dev/null
+++ b/SOURCES/zlib-1.2.7-fix-serious-but-very-rare-decompression-bug-in-inftr.patch
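Review bot: In the gzwrite.c hunk of the gzopen()/gzclose() patch, `(void)deflateEnd(&(state->strm));` and `free(state->out);` now run whenever `!state->direct`, while the `state->size` test that used to cover them remains only on `free(state->in);`. The old guard suggests that `state->size == 0` means the buffers and the deflate stream were never set up; if `gz_comp()` is what sets them up on first use and that step can fail (its body is not shown here), the close path would end a stream that was never initialised and free a pointer that was never allocated or was already released. Keeping `gz_comp(state, Z_FINISH)` unconditional but putting the whole cleanup back under the guard avoids that: `if (state->size) { if (!state->direct) { ... } free(state->in); }`. gzclose_w starts and ends outside the hunk, so this should be checked against the full function and the current upstream version of it before the package ships.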
@@ -0,0 +1,47 @@
+From 51370f365607fe14a6a7a1a27b3bd29d788f5e5b Mon Sep 17 00:00:00 2001
+From: Mark Adler
+Date: Mon, 18 Feb 2013 21:06:35 -0800
+Subject: [PATCH] Fix serious but very rare decompression bug in inftrees.c.
+
+inftrees.c compared the number of used table entries to the maximum
+allowed value using >= instead of >. This patch fixes those to use
+>. The bug was discovered by Ignat Kolesnichenko of Yandex LC
+where they have run petabytes of data through zlib. Triggering the
+bug is apparently very rare, seeing as how it has been out there in
+the wild for almost three years before being discovered. The bug
+is instantiated only if the exact maximum number of decoding table
+entries, ENOUGH_DISTS or ENOUGH_LENS is used by the block being
+decoded, resulting in the false positive of overflowing the table.
+---
+ inftrees.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/inftrees.c b/inftrees.c
+index 873da59..3781399 100644
+--- a/inftrees.c
++++ b/inftrees.c
+@@ -208,8 +208,8 @@ unsigned short FAR *work;
+ mask = used - 1; /* mask for comparing low */
+
+ /* check available table space */
+- if ((type == LENS && used >= ENOUGH_LENS) ||
+- (type == DISTS && used >= ENOUGH_DISTS))
++ if ((type == LENS && used > ENOUGH_LENS) ||
++ (type == DISTS && used > ENOUGH_DISTS))
+ return 1;
+
+ /* process all codes and make table entries */
+@@ -277,8 +277,8 @@ unsigned short FAR *work;
+
+ /* check for enough space */
+ used += 1U << curr;
+- if ((type == LENS && used >= ENOUGH_LENS) ||
+- (type == DISTS && used >= ENOUGH_DISTS))
++ if ((type == LENS && used > ENOUGH_LENS) ||
++ (type == DISTS && used > ENOUGH_DISTS))
+ return 1;
+
+ /* point entry in root table to sub-table */
+--
+1.9.3
+
diff --git a/SPECS/zlib.spec b/SPECS/zlib.spec
index bdca3bd..6bf29cd 100644
--- a/SPECS/zlib.spec
+++ b/SPECS/zlib.spec
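Review bot: Both relaxed checks in the inftrees.c patch (the `used > ENOUGH_LENS` / `used > ENOUGH_DISTS` tests in the hunks at 208 and 277) now accept a table that uses exactly ENOUGH_* entries, so they are a valid bound only if the table handed to this function really has room for that many entries; the allocation is not visible in this patch and should be confirmed for the 1.2.7 tree being patched. The existing comments `/* check available table space */` and `/* check for enough space */` say nothing about the boundary case, which is the part that was wrong. I would extend them at both sites, for example `/* check available table space: used == ENOUGH_* exactly fills the table and is valid */`, so that a later edit does not tighten or loosen the comparison by accident. The enclosing function starts and ends outside both hunks.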
@@ -1,7 +1,7 @@ Summary: The compression and decompression library Name: zlib Version: 1.2.7 -Release: 15%{?dist} +Release: 17%{?dist} # /contrib/dotzlib/ have Boost license License: zlib and Boost Group: System Environment/Libraries @@ -13,6 +13,10 @@ Patch0: zlib-1.2.5-minizip-fixuncrypt.patch Patch1: zlib-1.2.7-optimized-s390.patch # resolves: #844791 Patch2: zlib-1.2.7-z-block-flush.patch +# resolves: #1127330 +Patch3: zlib-1.2.7-fix-serious-but-very-rare-decompression-bug-in-inftr.patch +# resolves: #1337441 +Patch4: zlib-1.2.7-Fix-bug-where-gzopen-gzclose-would-write-an-empty-fi.patch BuildRequires: automake, autoconf, libtool @@ -69,6 +73,9 @@ developing applications which use minizip. iconv -f iso-8859-2 -t utf-8 < ChangeLog > ChangeLog.tmp mv ChangeLog.tmp ChangeLog +%patch3 -p1 +%patch4 -p1 + %build %ifarch ppc64 ppc64le export CFLAGS="$RPM_OPT_FLAGS -O3" @@ -131,6 +138,14 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.la %{_libdir}/pkgconfig/minizip.pc %changelog +* Thu May 19 2016 jchaloup - 1.2.7-17 +- Fix writing empty files on gzopen()/gzclose() + resolves: #1337441 + +* Wed Apr 27 2016 jchaloup - 1.2.7-16 +- Fix serious but very rare decompression bug in inftrees.c (upstream patch) + resolves: #1127330 + * Tue May 12 2015 Peter Robinson 1.2.7-15 - Rebuild for rhbz #1123500