diff --git a/mingw-wavpack.spec b/mingw-wavpack.spec
index 666afa4..6a262af 100644
--- a/mingw-wavpack.spec
+++ b/mingw-wavpack.spec
@@ -8,16 +8,13 @@ Summary: Completely open audiocodec
 License: BSD
 URL: http://www.wavpack.com/
 Source: http://www.wavpack.com/wavpack-%{version}.tar.bz2
-# https://github.com/dbry/WavPack/issues/27
 Patch1: wavpack-0001-issue-27-do-not-overwrite-stack-on-corrupt-RF64-file.patch
-# https://github.com/dbry/WavPack/issues/28
 Patch2: wavpack-0002-issue-28-do-not-overwrite-heap-on-corrupt-DSDIFF-fil.patch
-# https://github.com/dbry/WavPack/issues/26
-# https://github.com/dbry/WavPack/issues/28
-# https://github.com/dbry/WavPack/issues/29
 Patch3: wavpack-0003-issue-28-fix-buffer-overflows-and-bad-allocs-on-corr.patch
 Patch4: wavpack-0004-issue-33-sanitize-size-of-unknown-chunks-before-mall.patch
 Patch5: wavpack-0005-issue-30-issue-31-issue-32-no-multiple-format-chunks.patch
+Patch6: wavpack-0006-issue-53-error-out-on-zero-sample-rate.patch
+Patch7: wavpack-0007-issue-54-fix-potential-out-of-bounds-heap-read.patch
 
 BuildArch: noarch
 
@@ -141,6 +138,7 @@ rm -rf %{buildroot}%{mingw64_mandir}
 - Autosetup macro
 - Security fix for CVE-2018-10536, CVE-2018-10537, CVE-2018-10538, CVE-2018-10539, CVE-2018-10540
+- Security fix for CVE-2018-19840, CVE-2018-19841
 
 * Tue Oct 08 2019 Sandro Mani - 5.1.0-8
 - Rebuild (Changes/Mingw32GccDwarf2)
diff --git a/wavpack-0006-issue-53-error-out-on-zero-sample-rate.patch b/wavpack-0006-issue-53-error-out-on-zero-sample-rate.patch
new file mode 100644
index 0000000..0dd06d6
--- /dev/null
+++ b/wavpack-0006-issue-53-error-out-on-zero-sample-rate.patch
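Review bot: The new `Patch6:` and `Patch7:` lines carry no reference to the upstream issue or to the CVE ids the changelog hunk in this same commit cites, so the patch-to-CVE mapping is not recoverable from the spec itself. A comment line above each, in the style the hunk removes for Patch1–Patch3, would restore that traceability: `# https://github.com/dbry/WavPack/issues/53` above Patch6 and `# https://github.com/dbry/WavPack/issues/54` above Patch7, each optionally followed by whichever of CVE-2018-19840 / CVE-2018-19841 it addresses. Which CVE belongs to which patch is not stated anywhere on this page, so that part should be confirmed against the upstream advisories before it is written down.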
@@ -0,0 +1,21 @@
+From: David Bryant
+Date: Thu, 29 Nov 2018 21:00:42 -0800
+Subject: [PATCH] issue #53: error out on zero sample rate
+
+
+diff --git a/src/pack_utils.c b/src/pack_utils.c
+index 1918c18..ee3debf 100644
+--- a/src/pack_utils.c
++++ b/src/pack_utils.c
+@@ -195,6 +195,11 @@ int WavpackSetConfiguration64 (WavpackContext *wpc, WavpackConfig *config, int64
+ int num_chans = config->num_channels;
+ int i;
+
++ if (!config->sample_rate) {
++ strcpy (wpc->error_message, "sample rate cannot be zero!");
++ return FALSE;
++ }
++
+ wpc->stream_version = (config->flags & CONFIG_COMPATIBLE_WRITE) ? CUR_STREAM_VERS : MAX_STREAM_VERS;
+
+ if ((config->qmode & QMODE_DSD_AUDIO) && config->bytes_per_sample == 1 && config->bits_per_sample == 8) {
diff --git a/wavpack-0007-issue-54-fix-potential-out-of-bounds-heap-read.patch b/wavpack-0007-issue-54-fix-potential-out-of-bounds-heap-read.patch
new file mode 100644
index 0000000..a915641
--- /dev/null
+++ b/wavpack-0007-issue-54-fix-potential-out-of-bounds-heap-read.patch
@@ -0,0 +1,25 @@
+From: David Bryant
+Date: Thu, 29 Nov 2018 21:53:51 -0800
+Subject: [PATCH] issue #54: fix potential out-of-bounds heap read
+
+
+diff --git a/src/open_utils.c b/src/open_utils.c
+index fc9440c..ce0879c 100644
+--- a/src/open_utils.c
++++ b/src/open_utils.c
+@@ -1258,13 +1258,13 @@ int WavpackVerifySingleBlock (unsigned char *buffer, int verify_checksum)
+ #endif
+
+ if (meta_bc == 4) {
+- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff) || *dp++ != ((csum >> 16) & 0xff) || *dp++ != ((csum >> 24) & 0xff))
++ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff) || dp[2] != ((csum >> 16) & 0xff) || dp[3] != ((csum >> 24) & 0xff))
+ return FALSE;
+ }
+ else {
+ csum ^= csum >> 16;
+
+- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff))
++ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff))
+ return FALSE;
+ }
+
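Review bot: The patch header names upstream issue #53 but says nothing about which of the two CVE ids the spec changelog in this commit attributes to it, so a reader of this file alone cannot tell whether it is a security fix; a `CVE: <the applicable id>` line under the `Subject:` line, filled in from the upstream advisory, would close that gap. In the code itself the early-out writes the literal with `strcpy (wpc->error_message, ...)`; the literal is short, but whether `error_message` is a sized array — which would make `snprintf (wpc->error_message, sizeof wpc->error_message, "%s", "sample rate cannot be zero!")` the bounded form — cannot be seen from this hunk, and the unbounded form may simply be what the rest of pack_utils.c already does. WavpackSetConfiguration64 continues outside the hunk.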
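Review bot: The rewritten checksum comparisons read `dp[1]`, `dp[2]` and `dp[3]` (or `dp[1]` in the two-byte branch) while leaving `dp` untouched, so their safety now rests entirely on an earlier guarantee that at least `meta_bc` bytes remain between `dp` and the end of `buffer`; that guard is outside the hunk, as is whatever later code previously relied on `dp` having advanced past the checksum, so neither can be confirmed here. A one-line comment above `if (meta_bc == 4) {` pinning the invariant the indexing depends on would make the fix reviewable in isolation, e.g. `/* NOTE: relies on meta_bc having been bounds-checked against the block end above, so dp[0..meta_bc-1] are in-bounds — confirm */`. WavpackVerifySingleBlock starts and ends outside the hunk.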