diff --git a/0007-curl-7.49.1-urlglob.patch b/0007-curl-7.49.1-urlglob.patch
new file mode 100644
index 0000000..77ee83a
--- /dev/null
+++ b/0007-curl-7.49.1-urlglob.patch
@@ -0,0 +1,35 @@
+From 5a3eddc9c327dcc20620d8ae47b27f5085811c7e Mon Sep 17 00:00:00 2001
+From: Kamil Dudka
+Date: Fri, 3 Jun 2016 11:26:20 +0200
+Subject: [PATCH] tool_urlglob: fix off-by-one error in glob_parse()
+
+... causing SIGSEGV while parsing URL with too many globs.
+Minimal example:
+
+$ curl $(for i in $(seq 101); do printf '{a}'; done)
+
+Reported-by: Romain Coltel
+Bug: https://bugzilla.redhat.com/1340757
+
+Upstream-commit: 584d0121c353ed855115c39f6cbc009854018029
+Signed-off-by: Kamil Dudka
+---
+ src/tool_urlglob.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
+index 70d17fe..a357b8b 100644
+--- a/src/tool_urlglob.c
++++ b/src/tool_urlglob.c
+@@ -402,7 +402,7 @@ static CURLcode glob_parse(URLGlob *glob, char *pattern,
+ }
+ }
+
+- if(++glob->size > GLOB_PATTERN_NUM)
++ if(++glob->size >= GLOB_PATTERN_NUM)
+ return GLOBERROR("too many globs", pos, CURLE_URL_MALFORMAT);
+ }
+ return res;
+--
+2.5.5
+
diff --git a/curl.spec b/curl.spec
index 79586ed..27c9ab6 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.47.1
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: MIT
 Group: Applications/Internet
 Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
@@ -10,6 +10,9 @@ Source2: curlbuild.h
 # do not refuse cookies for localhost (#1308791)
 Patch1: 0001-curl-7.47.1-psl-localhost.patch
 
+# fix SIGSEGV of the curl tool while parsing URL with too many globs (#1340757)
+Patch7: 0007-curl-7.49.1-urlglob.patch
+
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch
 
@@ -122,6 +125,7 @@ documentation of the library, too.
 
 # upstream patches
 %patch1 -p1
+%patch7 -p1
 
 # Fedora patches
 %patch101 -p1
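Review bot: The limit in `glob_parse()` is still enforced only after `++glob->size`, at the bottom of the loop body, so the bound holds only if every store made during the loop indexes the pattern array with `glob->size` and that array has exactly `GLOB_PATTERN_NUM` entries; neither is visible in this hunk, and the function starts outside it. With `>=` the error also fires when the last glob lands the count exactly on the limit, so a URL that would just fit is presumably rejected, which is the safe side but worth stating. I would document the invariant next to the check, e.g. `/* pattern[] has GLOB_PATTERN_NUM slots; stop before the next pass can index one past the end */`, or move the test to the top of the loop as `if(glob->size >= GLOB_PATTERN_NUM)` before anything is stored. The commit message carries a one-line reproducer, but the patch adds no regression test for an over-limit URL.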
@@ -234,6 +238,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/aclocal/libcurl.m4
 
 %changelog
+* Fri Jun 03 2016 Kamil Dudka 7.47.1-4
+- fix SIGSEGV of the curl tool while parsing URL with too many globs (#1340757)
+
 * Wed Mar 02 2016 Kamil Dudka 7.47.1-4
 - do not refuse cookies for localhost (#1308791)
 
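Review bot: The added %changelog entry is stamped `7.47.1-4`, the same version-release as the entry below it, while the first hunk of this file bumps `Release` to `5%{?dist}`; the new header should end in `7.47.1-5`. Because this build carries a crash fix, a wrong stamp makes it harder to tell from the package changelog which release actually contains the fix for #1340757.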