diff --git a/cups-1.3.6-search_regex.patch b/cups-1.3.6-search_regex.patch
new file mode 100644
index 0000000..9c59ddb
--- /dev/null
+++ b/cups-1.3.6-search_regex.patch
@@ -0,0 +1,13 @@
+--- cups-1.3.6/cgi-bin/search.c.orig	2008-01-16 23:20:33.000000000 +0100
++++ cups-1.3.6/cgi-bin/search.c	2008-03-06 10:55:20.000000000 +0100
+@@ -167,7 +167,9 @@ cgiCompileSearch(const char *query)	/* I
+       * string + RE overhead...
+       */
+ 
+-      wlen = (sptr - s) + 4 * wlen + 2 * strlen(prefix) + 4;
++      wlen = (sptr - s) + 2 * 4 * wlen + 2 * strlen(prefix) + 11;
++      if (lword)
++        wlen += strlen(lword);
+ 
+       if (wlen > slen)
+       {
diff --git a/cups.changes b/cups.changes
index 2becf10..aaf07ee 100644
--- a/cups.changes
+++ b/cups.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Thu Mar  6 10:56:10 CET 2008 - kssingvo@suse.de
+
+- fixed issue in cgi-bin search CVE-2008-0047 (bugzilla#367225)
+
 -------------------------------------------------------------------
 Fri Feb 29 13:37:18 CET 2008 - kssingvo@suse.de
 
diff --git a/cups.spec b/cups.spec
index 44ce7c0..33fe7dd 100644
--- a/cups.spec
+++ b/cups.spec
@@ -18,7 +18,7 @@ License:        GPL v2 or later
 Group:          Hardware/Printing
 Summary:        The Common UNIX Printing System
 Version:        1.3.6
-Release:        1
+Release:        7
 Requires:       cups-libs = %{version}, cups-client = %{version}
 Requires:       ghostscript_any, ghostscript-fonts-std, foomatic-filters
 Requires:       util-linux
@@ -53,6 +53,7 @@ Patch14:        cups-1.1.21-testppd_duplex.patch
 Patch15:        cups-1.2.11-testppd_filename.patch
 Patch16:        cups-1.2.5-desktop_file.patch
 Patch17:        cups-1.3.3-testppd_none.patch
+Patch18:        cups-1.3.6-search_regex.patch
 Patch100:       cups-1.1.23-testpage.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %if %suse_version >= 801
@@ -146,6 +147,7 @@ Authors:
 %patch15 -p1
 %patch16 -p1
 %patch17 -p1
+%patch18 -p1
 if [ -f /.buildenv ]; then
 	. /.buildenv
 else
@@ -386,6 +388,8 @@ rm -rf $RPM_BUILD_ROOT/usr/share/locale/no
 %{_datadir}/locale/*/cups_*
 
 %changelog
+* Thu Mar 06 2008 kssingvo@suse.de
+- fixed issue in cgi-bin search CVE-2008-0047 (bugzilla#367225)
 * Fri Feb 29 2008 kssingvo@suse.de
 - update to version 1.3.6:
   * Documentation updates