diff --git a/debian/patches/0001-check-that-accesses-to-color-table-stay-within-bound.patch b/debian/patches/0001-check-that-accesses-to-color-table-stay-within-bound.patch
new file mode 100644
index 0000000..d48c264
--- /dev/null
+++ b/debian/patches/0001-check-that-accesses-to-color-table-stay-within-bound.patch
@@ -0,0 +1,55 @@
+From: Jean-Francois Dockes
+Date: Sun, 21 Dec 2014 10:08:26 +0100
+Subject: check that accesses to color table stay within bounds,
+ esp that the color number is positive. This fixes {\cb-999} crashing
+ unrtf
+
+This fixes CVE-2014-9274, according to http://www.openwall.com/lists/oss-security/2014/12/04/15
+
+Origin: https://bitbucket.org/medoc/unrtf-int/commits/b0cef89a170a66bc48f8dd288ce562ea8ca91f7a/raw/
+Bug-Debian: http://bugs.debian.org/772811
+---
+ src/convert.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/src/convert.c b/src/convert.c
+index e563473..96bf438 100644
+--- a/src/convert.c
++++ b/src/convert.c
+@@ -868,6 +868,9 @@ process_color_table (Word *w)
+ r=g=b=0;
+
+ while(w) {
++ if (total_colors >= MAX_COLORS) {
++ break;
++ }
+ char *s = word_string (w);
+
+ if (!strncmp("\\red",s,4)) {
+@@ -921,7 +924,7 @@ static int
+ cmd_cf (Word *w, int align, char has_param, int num) {
+ char str[40];
+
+- if (!has_param || num>=total_colors) {
++ if (!has_param || num < 0 || num>=total_colors) {
+ warning_handler ("font color change attempted is invalid");
+ }
+ else
+@@ -948,7 +951,7 @@ static int
+ cmd_cb (Word *w, int align, char has_param, int num) {
+ char str[40];
+
+- if (!has_param || num>=total_colors) {
++ if (!has_param || num < 0 || num>=total_colors) {
+ warning_handler ("font color change attempted is invalid");
+ }
+ else
+@@ -1153,7 +1156,7 @@ cmd_highlight (Word *w, int align, char has_param, int num)
+ {
+ char str[40];
+
+- if (!has_param || num>=total_colors) {
++ if (!has_param || num < 0 || num>=total_colors) {
+ warning_handler ("font background color change attempted is invalid");
+ }
+ else
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..c21b92f
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+0001-check-that-accesses-to-color-table-stay-within-bound.patch
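Review bot: In the embedded src/convert.c patch, the new `if (total_colors >= MAX_COLORS) { break; }` in process_color_table stops reading the table without any diagnostic, so a document with more colour entries than the table holds is truncated silently and only surfaces later as "invalid" warnings from cmd_cf, cmd_cb or cmd_highlight. I would report it before leaving the loop, e.g. `warning_handler ("color table truncated: too many entries");` ahead of the `break;`. The `num < 0 || num>=total_colors` test is now repeated verbatim in three handlers; a small helper such as `static int color_index_valid (int num) { return num >= 0 && num < total_colors; }` would keep any other code that indexes the color table by `num` (none is visible in these hunks) from missing the lower bound. All four functions continue outside their hunks, so the indexing itself is not shown here.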