diff --git a/cups-CVE-2007-4045.patch b/cups-CVE-2007-4045.patch
index ea007a6..1d4d87b 100644
--- a/cups-CVE-2007-4045.patch
+++ b/cups-CVE-2007-4045.patch
@@ -16,8 +16,8 @@ diff -up cups-1.2.4/scheduler/client.c.CVE-2007-4045 cups-1.2.4/scheduler/client
 +       c;
 +       c = (cupsd_client_t *)cupsArrayNext(Clients))
 +  {
-+    bio = SSL_get_wbio(c->http.tls);
-+    BIO_ctrl(bio, BIO_C_SET_FILE_PTR, 0, (char *)HTTP(c));
++    if (c->http.tls)
++      BIO_ctrl(SSL_get_wbio(c->http.tls), BIO_C_SET_FILE_PTR, 0, (char *)HTTP(c));
 +  }
 +  cupsArrayRestore (Clients);
 +#endif
diff --git a/cups.spec b/cups.spec
index 68190fc..25d7aa4 100644
--- a/cups.spec
+++ b/cups.spec
@@ -452,6 +452,8 @@ rm -rf $RPM_BUILD_ROOT
 
 %changelog
 * Mon Nov 12 2007 Tim Waugh <twaugh@redhat.com> 1:1.2.12-8
+- Fixed CVE-2007-4045 patch; has no effect with shipped packages since they
+  are linked with gnutls.
 - LSPP fixes (cupsdSetString/ClearString).
 
 * Wed Nov  7 2007 Tim Waugh <twaugh@redhat.com> 1:1.2.12-7