diff --git a/pkgs/development/libraries/libyaml/default.nix b/pkgs/development/libraries/libyaml/default.nix
index 33376cbdad3..667298922ca 100644
--- a/pkgs/development/libraries/libyaml/default.nix
+++ b/pkgs/development/libraries/libyaml/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl }:
+{ stdenv, fetchurl, fetchpatch }:
 let
   version = "0.1.6";
 in
@@ -10,6 +10,12 @@ stdenv.mkDerivation {
     sha256 = "0j9731s5zjb8mjx7wzf6vh7bsqi38ay564x6s9nri2nh9cdrg9kx";
   };
 
+  patches = [(fetchpatch {
+    name = "CVE-2014-9130.diff";
+    url = "http://bitbucket.org/xi/libyaml/commits/2b915675/raw/";
+    sha256 = "1vrkga2wk060wccg61c2mj5prcyv181qikgdfi1z4hz8ygmpvl04";
+  })];
+
   meta = with stdenv.lib; {
     homepage = http://pyyaml.org/;
     description = "A YAML 1.1 parser and emitter written in C";