diff --git a/ANNOUNCE b/ANNOUNCE
index bcea74bd..c8780b2c 100644
--- a/ANNOUNCE
+++ b/ANNOUNCE
@@ -44,6 +44,10 @@ Other information: Changes since the last public release (1.2.52): version 1.2.53beta01 [RDATE%]
+ Issue a png_error() instead of a png_warning() when width is
+ potentially too large for the architecture, in case the calling
+ application has overridden the default 1,000,000-column limit
+ (fixes CVE-2014-9495 and CVE-2015-0973).
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit
diff --git a/CHANGES b/CHANGES
index 02fe953d..ed26a043 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2829,6 +2829,10 @@ version 1.0.62 and 1.2.52 [November 20, 2014] No changes. version 1.2.53beta01 [RDATE%]
+ Issue a png_error() instead of a png_warning() when width is
+ potentially too large for the architecture, in case the calling
+ application has overridden the default 1,000,000-column limit
+ (fixes CVE-2014-9495 and CVE-2015-0973).
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net (subscription required; visit
diff --git a/pngset.c b/pngset.c
index fed6a55b..809a6d9c 100644
--- a/pngset.c
+++ b/pngset.c
@@ -263,7 +263,10 @@ png_set_IHDR(png_structp png_ptr, png_infop info_ptr, - 1 /* filter byte */ - 7*8 /* rounding of width to multiple of 8 pixels */ - 8) /* extra max_pixel_depth pad */ + { info_ptr->rowbytes = (png_size_t)0; + png_error(png_ptr, "Image width is too large for this architecture"); + } else info_ptr->rowbytes = PNG_ROWBYTES(info_ptr->pixel_depth, width); }
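Review bot: The new `info_ptr->rowbytes = (png_size_t)0;` placed immediately before `png_error()` in the pngset.c hunk is undocumented, and since png_error() is the non-returning path a reader will wonder why the field is written at all; I would add `/* Clear rowbytes before erroring so no caller can see a size that would overflow the row buffer, even if an error handler returns control */` above the assignment. The hunk also leaves the rest of png_set_IHDR's state exactly where it was when the overflow branch is taken; if width has already been copied into info_ptr earlier in the function (outside the hunk, so I cannot confirm), a one-line comment noting that the partial update is intentional because the error aborts decoding would help the next maintainer. The enclosing png_set_IHDR starts outside the hunk, and the removed png_warning() line is not visible in this collapsed copy, so the old/new accounting in the hunk header could not be checked line by line.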