diff --git a/print/a2ps/Makefile b/print/a2ps/Makefile
index 7bc6c230440..7dcb7b3972c 100644
--- a/print/a2ps/Makefile
+++ b/print/a2ps/Makefile
@@ -1,9 +1,9 @@
-# $OpenBSD: Makefile,v 1.59 2015/04/06 21:05:07 ajacoutot Exp $
+# $OpenBSD: Makefile,v 1.60 2015/11/17 08:38:52 ajacoutot Exp $
 
 COMMENT=	format files for printing on PostScript printers
 
 DISTNAME=	a2ps-4.14
-REVISION=	10
+REVISION=	11
 
 SHARED_LIBS +=  a2ps                 2.0      # 2.0
 
diff --git a/print/a2ps/patches/patch-lib_output_c b/print/a2ps/patches/patch-lib_output_c
new file mode 100644
index 00000000000..0435032eeb2
--- /dev/null
+++ b/print/a2ps/patches/patch-lib_output_c
@@ -0,0 +1,16 @@
+$OpenBSD: patch-lib_output_c,v 1.1 2015/11/17 08:38:52 ajacoutot Exp $
+
+Fix for CVE-2015-8107:
+http://www.openwall.com/lists/oss-security/2015/11/16/4
+
+--- lib/output.c.orig	Sat Dec 29 02:58:21 2007
++++ lib/output.c	Tue Nov 17 09:36:23 2015
+@@ -525,7 +525,7 @@ output_file (struct output * out, a2ps_job * job,
+ 		     expand_user_string (job, FIRST_FILE (job),
+ 					 (const uchar *) "Expand: requirement",
+ 					 (const uchar *) token));
+-	output (dest, expansion);
++	output (dest, "%s", expansion);
+ 	continue;
+       }
+