diff --git a/srcpkgs/kcgi/patches/seccomp.patch b/srcpkgs/kcgi/patches/seccomp.patch
new file mode 100644
index 00000000000..222ff1c4ea0
--- /dev/null
+++ b/srcpkgs/kcgi/patches/seccomp.patch
@@ -0,0 +1,61 @@
+--- sandbox-seccomp-filter.c.orig
++++ sandbox-seccomp-filter.c
+@@ -89,7 +89,12 @@
+ /* Load the syscall number for checking. */
+ BPF_STMT(BPF_LD+BPF_W+BPF_ABS,
+ offsetof(struct seccomp_data, nr)),
++#ifdef __NR_open
+ SC_DENY(open, EACCES),
++#endif
++#ifdef __NR_openat
++ SC_DENY(openat, EACCES),
++#endif
+ SC_ALLOW(getpid),
+ SC_ALLOW(gettimeofday),
+ SC_ALLOW(clock_gettime),
+@@ -121,12 +126,16 @@
+ #ifdef __NR_ppoll
+ SC_ALLOW(ppoll),
+ #endif
++#ifdef __NR_poll
+ SC_ALLOW(poll),
++#endif
+ #ifdef __NR__newselect
+ SC_ALLOW(_newselect),
+ #else
++#ifdef __NR_select
+ SC_ALLOW(select),
+ #endif
++#endif
+ SC_ALLOW(madvise),
+ #ifdef __NR_mmap2 /* EABI ARM only has mmap2() */
+ SC_ALLOW(mmap2),
+@@ -159,7 +168,12 @@
+ /* Load the syscall number for checking. */
+ BPF_STMT(BPF_LD+BPF_W+BPF_ABS,
+ offsetof(struct seccomp_data, nr)),
++#ifdef __NR_open
+ SC_DENY(open, EACCES),
++#endif
++#ifdef __NR_openat
++ SC_DENY(openat, EACCES),
++#endif
+ SC_ALLOW(getpid),
+ #ifdef __NR_getrandom
+ SC_ALLOW(getrandom),
+@@ -184,11 +198,15 @@
+ #ifdef __NR_ppoll
+ SC_ALLOW(ppoll),
+ #endif
++#ifdef __NR_poll
+ SC_ALLOW(poll),
++#endif
+ #ifdef __NR__newselect
+ SC_ALLOW(_newselect),
+ #else
++#ifdef __NR_select
+ SC_ALLOW(select),
++#endif
+ #endif
+ SC_ALLOW(madvise),
+ #ifdef __NR_mmap2 /* EABI ARM only has mmap2() */
diff --git a/srcpkgs/kcgi/template b/srcpkgs/kcgi/template
index 6da09244332..dd3c67c5d21 100644
--- a/srcpkgs/kcgi/template
+++ b/srcpkgs/kcgi/template
@@ -1,6 +1,6 @@
 # Template file for 'kcgi'
 pkgname=kcgi
-version=0.10.11
+version=0.10.12
 revision=1
 build_style=configure
 configure_args="PREFIX=/usr MANDIR=/usr/share/man SBINDIR=/usr/bin"
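Review bot: The new `SC_DENY(openat, EACCES)` entries (inner hunks at -89 and -159) only make `open`/`openat` fail softly; whether other file-opening syscalls such as `openat2` are blocked depends on the filter's default action, which lies outside these hunks, so confirm it is fail-closed rather than allow. The added guards also mean that on a target defining neither `__NR__newselect` nor `__NR_select` no select-family rule is emitted at all, so a `select()` call there would presumably be routed by libc to a syscall that is not visibly on the list and would take that same default. A short comment above the deny entries would record the intent, for example `/* libc may implement open() via openat(2); deny both with EACCES, anything unlisted takes the default action */`. As a style point, the nested `#else` / `#ifdef __NR_select` could be written as `#elif defined(__NR_select)`, which drops one `#endif` in each filter array.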
@@ -13,11 +13,7 @@ maintainer="Duncaen " license="ISC" homepage="http://kristaps.bsd.lv/kcgi/" distfiles="http://kristaps.bsd.lv/kcgi/snapshots/kcgi-${version}.tgz" -checksum=a5bb5e96552603af1e67bd90589c7308a0a5f81286b8b741de4099f969a1ecf1 - -case "$XBPS_TARGET_MACHINE" in - aarch64*) broken="sandbox-seccomp-filter.c:76:34: error: initializer element is not constant" -esac +checksum=e836275c52f9464d50b8d564cb73338e8c47221fba086274d068a202cbc2df51 seccomp_audit_get_suffix() { case "$1" in