diff --git a/mail/fetchmail/Makefile b/mail/fetchmail/Makefile
index 1b3a1c87340..237d84da104 100644
--- a/mail/fetchmail/Makefile
+++ b/mail/fetchmail/Makefile
@@ -1,9 +1,9 @@
-# $OpenBSD: Makefile,v 1.112 2007/09/16 00:17:04 merdely Exp $
+# $OpenBSD: Makefile,v 1.113 2008/08/19 22:41:24 jasper Exp $
 COMMENT= mail retrieval utility for POP2, POP3, KPOP, IMAP and more
 DISTNAME= fetchmail-6.3.8
-PKGNAME= ${DISTNAME}p0
+PKGNAME= ${DISTNAME}p1
 CATEGORIES= mail
 MASTER_SITES= ${MASTER_SITE_BERLIOS:=fetchmail/}
diff --git a/mail/fetchmail/patches/patch-report_c b/mail/fetchmail/patches/patch-report_c
new file mode 100644
index 00000000000..4a32726f873
--- /dev/null
+++ b/mail/fetchmail/patches/patch-report_c
@@ -0,0 +1,61 @@
+$OpenBSD: patch-report_c,v 1.1 2008/08/19 22:41:24 jasper Exp $
+
+Fix for http://secunia.com/advisories/30742/
+(Fetchmail Large Header Processing Denial of Service)
+
+Patch was taken from upstream advisory.
+http://www.fetchmail.info/fetchmail-SA-2008-01.txt
+
+--- report.c.orig Mon Aug 4 11:50:43 2008
++++ report.c Mon Aug 4 11:53:49 2008
+@@ -238,12 +238,18 @@ report_build (FILE *errfp, message, va_alist)
+ rep_ensuresize();
+
+ #if defined(VA_START)
+- VA_START (args, message);
+ for ( ; ; )
+ {
++ /*
++ * args has to be initialized before every call of vsnprintf(),
++ * because vsnprintf() invokes va_arg macro and thus args is
++ * undefined after the call.
++ */
++ VA_START(args, message);
+ n = vsnprintf (partial_message + partial_message_size_used, partial_message_size - partial_message_size_used,
+ message, args);
+
++ va_end (args);
+ if (n >= 0
+ && (unsigned)n < partial_message_size - partial_message_size_used)
+ {
+@@ -254,7 +260,6 @@ report_build (FILE *errfp, message, va_alist)
+ partial_message_size += 2048;
+ partial_message = REALLOC (partial_message, partial_message_size);
+ }
+- va_end (args);
+ #else
+ for ( ; ; )
+ {
+@@ -304,12 +309,13 @@ report_complete (FILE *errfp, message, va_alist)
+ rep_ensuresize();
+
+ #if defined(VA_START)
+- VA_START (args, message);
+ for ( ; ; )
+ {
++ VA_START (args, message);
+ n = vsnprintf (partial_message + partial_message_size_used,
+ partial_message_size - partial_message_size_used,
+ message, args);
++ va_end(args);
+
+ /* old glibc versions return -1 for truncation */
+ if (n >= 0
+@@ -322,7 +328,6 @@ report_complete (FILE *errfp, message, va_alist)
+ partial_message_size += 2048;
+ partial_message = REALLOC (partial_message, partial_message_size);
+ }
+- va_end (args);
+ #else
+ for ( ; ; )
+ {
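Review bot: Both retry loops in report_build and report_complete still treat any negative vsnprintf() return as truncation. A return that signals a real formatting error would therefore grow partial_message by 2048 bytes per pass with no upper bound, which matters for a fix aimed at large-header denial of service. Re-running VA_START/va_end on every pass makes each retry well-defined but does not bound it, so the `n < 0` path wants a size cap or an error exit. When n is non-negative the required size is already known, so the growth step could be `partial_message_size = partial_message_size_used + (unsigned)n + 1;` rather than repeated fixed steps. The report_complete loop would also benefit from the explanatory comment the report_build loop gets; both function bodies continue outside the hunks, and how REALLOC reports failure is not visible here.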