diff --git a/IO-Compress-2.068-CVE-2016-1238-avoid-loading-optional-modules-from.patch b/IO-Compress-2.068-CVE-2016-1238-avoid-loading-optional-modules-from.patch
new file mode 100644
index 0000000..be7153d
--- /dev/null
+++ b/IO-Compress-2.068-CVE-2016-1238-avoid-loading-optional-modules-from.patch
@@ -0,0 +1,23 @@
+diff -ru IO-Compress-2.068-orig/bin/zipdetails IO-Compress-2.068/bin/zipdetails
+--- IO-Compress-2.068-orig/bin/zipdetails 2014-01-31 07:52:56.000000000 +1100
++++ IO-Compress-2.068/bin/zipdetails 2016-07-28 10:10:17.812926303 +1000
+@@ -5,6 +5,7 @@
+ # Display info on the contents of a Zip file
+ #
+
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use warnings ;
+
+diff -ru IO-Compress-2.068-orig/lib/IO/Uncompress/AnyUncompress.pm IO-Compress-2.068/lib/IO/Uncompress/AnyUncompress.pm
+--- IO-Compress-2.068-orig/lib/IO/Uncompress/AnyUncompress.pm 2015-09-27 04:34:31.000000000 +1000
++++ IO-Compress-2.068/lib/IO/Uncompress/AnyUncompress.pm 2016-07-28 10:08:45.064332089 +1000
+@@ -27,6 +27,8 @@
+
+ BEGIN
+ {
++ local @INC = @INC;
++ pop @INC if $INC[-1] eq '.';
+ eval ' use IO::Uncompress::Adapter::Inflate 2.068 ;';
+ eval ' use IO::Uncompress::Adapter::Bunzip2 2.068 ;';
+ eval ' use IO::Uncompress::Adapter::LZO 2.068 ;';
diff --git a/perl-IO-Compress.spec b/perl-IO-Compress.spec
index a2a16da..a2a56c3 100644
--- a/perl-IO-Compress.spec
+++ b/perl-IO-Compress.spec
@@ -3,12 +3,14 @@
 Name: perl-IO-Compress
 Version: 2.068
-Release: 347%{?dist}
+Release: 348%{?dist}
 Summary: Read and write compressed data
 License: GPL+ or Artistic
 Group: Development/Libraries
 URL: http://search.cpan.org/dist/IO-Compress/
 Source0: http://search.cpan.org/CPAN/authors/id/P/PM/PMQS/IO-Compress-%{version}.tar.gz
+# Avoid loading optional modules from default . (CVE-2016-1238)
+Patch0: IO-Compress-2.068-CVE-2016-1238-avoid-loading-optional-modules-from.patch
 BuildArch: noarch
 # Module Build
 BuildRequires: perl
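Review bot: The two `@INC` guards added by the embedded patch (the new .patch file, not the spec hunk that follows it) carry no comment, and they differ in scope for a reason a later maintainer will not see: bin/zipdetails pops '.' for the whole script, while AnyUncompress.pm uses `local @INC = @INC;` so the trimmed path applies only while the BEGIN block's `eval ' use ...'` probes run and the caller's `@INC` is left intact. I would add above the AnyUncompress.pm lines `# CVE-2016-1238: do not probe optional adapters in the cwd; local restores @INC on block exit`, and a matching one-line comment above the BEGIN in zipdetails. Both guards test only `$INC[-1]`, so a '.' elsewhere in `@INC` (presumably one the user added explicitly) is kept; the comment should state that this is intended. The BEGIN block in AnyUncompress.pm continues past the end of the hunk, so the remaining adapter loads are not visible here.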
@@ -77,6 +79,7 @@ included with the IO-Compress distribution:
 %prep
 %setup -q -n IO-Compress-%{version}
+%patch0 -p1
 # Remove spurious exec permissions
 chmod -c -x lib/IO/Uncompress/{Adapter/Identity,RawInflate}.pm
@@ -127,6 +130,9 @@ make test COMPRESS_ZLIB_RUN_%{?with_long_tests:ALL}%{!?with_long_tests:MOST}=1
 %{_mandir}/man3/IO::Uncompress::*.3*
 %changelog
+* Wed Aug 03 2016 Jitka Plesnikova - 2.068-348
+- Avoid loading optional modules from default . (CVE-2016-1238)
+
 * Thu Jun 18 2015 Fedora Release Engineering - 2.068-347
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild