diff --git a/openssh-6.4p1-servconf-parser.patch b/openssh-6.4p1-servconf-parser.patch
new file mode 100644
index 0000000..2456123
--- /dev/null
+++ b/openssh-6.4p1-servconf-parser.patch
@@ -0,0 +1,31 @@
+diff --git a/servconf.c b/servconf.c
+index 1e88905..f20504b 100644
+--- a/servconf.c
++++ b/servconf.c
+@@ -1562,7 +1562,7 @@ process_server_config_line(ServerOptions *options, char *line,
+ 		break;
+ 
+ 	case sForceCommand:
+-		if (cp == NULL)
++		if (cp == NULL || *cp == '\0')
+ 			fatal("%.200s line %d: Missing argument.", filename,
+ 			    linenum);
+ 		len = strspn(cp, WHITESPACE);
+@@ -1607,7 +1607,7 @@ process_server_config_line(ServerOptions *options, char *line,
+ 		break;
+ 
+ 	case sVersionAddendum:
+-		if (cp == NULL)
++		if (cp == NULL || *cp == '\0')
+ 			fatal("%.200s line %d: Missing argument.", filename,
+ 			    linenum);
+ 		len = strspn(cp, WHITESPACE);
+@@ -1642,6 +1642,8 @@ process_server_config_line(ServerOptions *options, char *line,
+ 		break;
+ 
+ 	case sAuthenticationMethods:
++		if (cp == NULL || *cp == '\0')
++			fatal("%.200s line %d: Missing argument.", filename, linenum);
+ 		if (*activep && options->num_auth_methods == 0) {
+ 			while ((arg = strdelim(&cp)) && *arg != '\0') {
+ 				if (options->num_auth_methods >=
diff --git a/openssh.spec b/openssh.spec
index 92f88f2..680ce51 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -207,6 +207,9 @@ Patch912: openssh-6.4p1-utf8-banner.patch
 # don't consider a partial success as a failure
 # https://bugzilla.mindrot.org/show_bug.cgi?id=2270
 Patch913: openssh-6.4p1-partial-success.patch
+# fix parsing of empty options in sshd_conf
+# https://bugzilla.mindrot.org/show_bug.cgi?id=2281
+Patch914: openssh-6.4p1-servconf-parser.patch
 
 License: BSD
 Group: Applications/Internet
@@ -438,6 +441,7 @@ popd
 %patch911 -p1 -b .set_remote_ipaddr
 %patch912 -p1 -b .utf8-banner
 %patch913 -p1 -b .partial-success
+%patch914 -p1 -b .servconf