diff --git a/community/libcdio/APKBUILD b/community/libcdio/APKBUILD
index 763f913d118f431f5b424cc59f4ecb636a1af0a7..133a29fccfde128bfc30eb6e1362d5e77593c875 100644
--- a/community/libcdio/APKBUILD
+++ b/community/libcdio/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=libcdio
 pkgver=2.1.0
-pkgrel=1
+pkgrel=2
 pkgdesc="GNU Compact Disc Input and Control Library"
 url="https://www.gnu.org/software/libcdio/"
 arch="all"
@@ -11,7 +11,9 @@ checkdepends="bash"
 makedepends="libcddb-dev ncurses-dev linux-headers"
 subpackages="$pkgname-dev $pkgname-doc $pkgname-tools ${pkgname}++:_cpp"
 source="https://ftp.gnu.org/gnu/libcdio/libcdio-$pkgver.tar.bz2
-	disable-broken-test.patch"
+	disable-broken-test.patch
+	format-security.patch
+	"
 
 build() {
 	./configure \
@@ -48,5 +50,8 @@ _cpp() {
 	mv "$pkgdir"/usr/lib/*++.* "$subpkgdir"/usr/lib/
 }
 
-sha512sums="c290821da55fd9ae366670a58857aa6efcebc9f25b7caea063cf12f9cbda84fe770c5f59f972227fda50517ca58c5f39c0137daa0f93179e3daa45303d8b610f  libcdio-2.1.0.tar.bz2
-be0149128bb2fa131f514bcff848279d826340a99a05b958e104f4640bda1a89d6146b0ec348783f4bbd8a3c313c41297152f75ee04f492f08b337bd79dd9c3e  disable-broken-test.patch"
+sha512sums="
+c290821da55fd9ae366670a58857aa6efcebc9f25b7caea063cf12f9cbda84fe770c5f59f972227fda50517ca58c5f39c0137daa0f93179e3daa45303d8b610f  libcdio-2.1.0.tar.bz2
+be0149128bb2fa131f514bcff848279d826340a99a05b958e104f4640bda1a89d6146b0ec348783f4bbd8a3c313c41297152f75ee04f492f08b337bd79dd9c3e  disable-broken-test.patch
+4d66aee45804f831adab89e8cd14791176a36551fb79bcdb7ae5a36fa5bc809a33d997420f22dd8ce8e9d360dbe9cc65eb3fe865259f906857702f50359ce201  format-security.patch
+"
diff --git a/community/libcdio/format-security.patch b/community/libcdio/format-security.patch
new file mode 100644
index 0000000000000000000000000000000000000000..7369e6da9aadd2f5a1544239cdee60c59ddca384
--- /dev/null
+++ b/community/libcdio/format-security.patch
@@ -0,0 +1,26 @@
+diff --git a/src/cdda-player.c b/src/cdda-player.c
+index 69eddee..8834d60 100644
+--- a/src/cdda-player.c
++++ b/src/cdda-player.c
+@@ -298,7 +298,7 @@ action(const char *psz_action)
+              psz_action);
+   else
+     snprintf(psz_action_line, sizeof(psz_action_line), "%s", "" );
+-  mvprintw(LINE_ACTION, 0, psz_action_line);
++  mvprintw(LINE_ACTION, 0, "%s", psz_action_line);
+   clrtoeol();
+   refresh();
+ }
+@@ -1029,10 +1029,10 @@ display_tracks(void)
+       }
+       if (sub.track == i) {
+         attron(A_STANDOUT);
+-        mvprintw(i_line++, 0, line);
++        mvprintw(i_line++, 0, "%s", line);
+         attroff(A_STANDOUT);
+       } else
+-        mvprintw(i_line++, 0, line);
++        mvprintw(i_line++, 0, "%s", line);
+       clrtoeol();
+     }
+   }
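Review bot: The new format-security.patch opens directly at its `diff --git` line, with no header saying why it is carried or whether it has been sent upstream. A short preamble would help, for example `Pass a literal "%s" format to mvprintw() so text assembled at runtime is never parsed as a format string.` The patch covers the three `mvprintw()` calls in `action()` and `display_tracks()`, but both functions continue outside the inner hunks, so other printw-family calls in cdda-player.c with a non-literal format cannot be ruled out from here. Building with `-Werror=format-security` would confirm that none remain. If `line` can carry disc- or CDDB-supplied titles (plausible for `display_tracks()`, but not shown), this is an input-handling fix rather than a warning cleanup, and the patch header should say so.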