diff --git a/srcpkgs/gst-plugins-bad/patches/fix-CESA-2016-0002.patch b/srcpkgs/gst-plugins-bad/patches/fix-CESA-2016-0002.patch
new file mode 100644
index 00000000000..b9f3839c0ad
--- /dev/null
+++ b/srcpkgs/gst-plugins-bad/patches/fix-CESA-2016-0002.patch
@@ -0,0 +1,22 @@
+--- gst/vmnc/vmncdec.c
++++ gst/vmnc/vmncdec.c
+@@ -370,7 +370,7 @@ vmnc_handle_wmvi_rectangle (GstVMncDec *
+ 
+   if (dec->imagedata)
+     g_free (dec->imagedata);
+-  dec->imagedata = g_malloc (dec->format.width * dec->format.height *
++  dec->imagedata = g_malloc0 (dec->format.width * dec->format.height *
+       dec->format.bytes_per_pixel);
+   GST_DEBUG_OBJECT (dec, "Allocated image data at %p", dec->imagedata);
+ 
+@@ -901,6 +901,10 @@ vmnc_handle_packet (GstVMncDec * dec, co
+             GST_WARNING_OBJECT (dec, "Rectangle out of range, type %d", r.type);
+             return ERROR_INVALID;
+           }
++        } else if (r.width > 16384 || r.height > 16384) {
++          GST_WARNING_OBJECT (dec, "Width or height too high: %ux%u", r.width,
++              r.height);
++          return ERROR_INVALID;
+         }
+ 
+         switch (r.type) {
diff --git a/srcpkgs/gst-plugins-bad/template b/srcpkgs/gst-plugins-bad/template
index a4f75a0f9ff..60f3a2a56ae 100644
--- a/srcpkgs/gst-plugins-bad/template
+++ b/srcpkgs/gst-plugins-bad/template
@@ -1,7 +1,7 @@
 # Template file for 'gst-plugins-bad'.
 pkgname=gst-plugins-bad
 version=0.10.23
-revision=19
+revision=20
 lib32disabled=yes
 build_style=gnu-configure
 configure_args="--enable-experimental --disable-static --disable-nsf"