diff --git a/main/oniguruma/APKBUILD b/main/oniguruma/APKBUILD
index a028c031d08..a9d01760c79 100644
--- a/main/oniguruma/APKBUILD
+++ b/main/oniguruma/APKBUILD
@@ -2,16 +2,22 @@
 # Maintainer: Francesco Colista <fcolista@alpinelinux.org>
 pkgname=oniguruma
 pkgver=6.9.4
-pkgrel=0
+pkgrel=1
 pkgdesc="a regular expressions library"
 url="https://github.com/kkos/oniguruma"
 arch="all"
 license="BSD-2-Clause"
 makedepends="automake autoconf libtool"
 subpackages="$pkgname-dev"
-source="$pkgname-$pkgver.tar.gz::https://github.com/kkos/$pkgname/archive/v$pkgver.tar.gz"
+source="$pkgname-$pkgver.tar.gz::https://github.com/kkos/$pkgname/archive/v$pkgver.tar.gz
+	CVE-2020-26159.patch::https://github.com/kkos/oniguruma/commit/cbe9f8bd9cfc6c3c87a60fbae58fa1a85db59df0.patch
+	"
 builddir="$srcdir"/$pkgname-$pkgver
 
+# secfixes:
+#   6.9.4-r1:
+#     - CVE-2020-26159
+
 prepare() {
 	cd "$builddir"
 	autoreconf -vfi
@@ -40,4 +46,5 @@ package() {
 	make DESTDIR="$pkgdir" install
 }
 
-sha512sums="28a618c31db047c19dfb0e519d849ff33dd9d027abb154df341bc9c4a3ee738144007cfa95066e8714b0e1a0133ccfb6e629e9b7483cb3f9fb3a890156d769cb  oniguruma-6.9.4.tar.gz"
+sha512sums="28a618c31db047c19dfb0e519d849ff33dd9d027abb154df341bc9c4a3ee738144007cfa95066e8714b0e1a0133ccfb6e629e9b7483cb3f9fb3a890156d769cb  oniguruma-6.9.4.tar.gz
+90c42c91004eb9df89adcedb79bc175a52b596031cb2aacb891282e5ed3183ca991ac7fda1cb7a507f2e6cc9dceba78fa8291a312c23c56d457e75d31729a2df  CVE-2020-26159.patch"