diff --git a/src/util.cc b/src/util.cc
index cff36f0f23..5a63be22cb 100644
--- a/src/util.cc
+++ b/src/util.cc
@@ -1578,7 +1578,7 @@ void bro_init_magic(magic_t* cookie_ptr, int flags)
 	if ( ! cookie_ptr || *cookie_ptr )
 		return;
 
-	*cookie_ptr = magic_open(flags|MAGIC_NO_CHECK_TOKENS);
+	*cookie_ptr = magic_open(flags|DISABLE_LIBMAGIC_BUILTIN_CHECKS);
 
 	// Use our custom database for mime types, but the default database
 	// from libmagic for the verbose file type.
diff --git a/src/util.h b/src/util.h
index cafa63b7e8..91ed8f2888 100644
--- a/src/util.h
+++ b/src/util.h
@@ -377,6 +377,23 @@ struct CompareString
 		}
 	};
 
+// Older versions of libmagic may not define the MAGIC_NO_CHECK_BUILTIN
+// convenience macro and other newer versions seem to have a typo that makes
+// it unusable, so just make a different one now with all known flags for
+// builtin libmagic components that should be disabled so that Bro only
+// uses the custom magic database shipped with it.
+#define DISABLE_LIBMAGIC_BUILTIN_CHECKS  ( \
+    MAGIC_NO_CHECK_COMPRESS | \
+    MAGIC_NO_CHECK_TAR  | \
+/*  MAGIC_NO_CHECK_SOFT | */ \
+    MAGIC_NO_CHECK_APPTYPE  | \
+    MAGIC_NO_CHECK_ELF  | \
+    MAGIC_NO_CHECK_TEXT | \
+    MAGIC_NO_CHECK_CDF  | \
+    MAGIC_NO_CHECK_TOKENS   | \
+    MAGIC_NO_CHECK_ENCODING \
+)
+
 extern magic_t magic_desc_cookie;
 extern magic_t magic_mime_cookie;