diff --git a/file-upstream.patch b/file-upstream.patch
new file mode 100644
index 0000000..e97c600
--- /dev/null
+++ b/file-upstream.patch
@@ -0,0 +1,31 @@
+Detect Android LOKI'd boot bootimgs
+buffer_fill: fix double free of `ebuf` on read error (https://bugzilla.redhat.com/1685217)
+
+---
+ magic/Magdir/android |    4 +++-
+ src/buffer.c         |    1 +
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+--- magic/Magdir/android
++++ magic/Magdir/android	2019-06-11 10:34:41.940646113 +0000
+@@ -19,7 +19,9 @@
+ # From https://android.googlesource.com/\
+ # platform/system/core/+/master/mkbootimg/bootimg.h
+ 0		string	ANDROID!	Android bootimg
+->1024	string	LOKI\01		\b, LOKI'd
++>1024	string	LOKI		\b, LOKI'd
++>>1028	lelong	0			\b (boot)
++>>1028	lelong	1			\b (recovery)
+ >8		lelong	>0			\b, kernel
+ >>12	lelong	>0			\b (0x%x)
+ >16		lelong	>0			\b, ramdisk
+--- src/buffer.c
++++ src/buffer.c	2019-06-11 10:34:41.940646113 +0000
+@@ -77,6 +77,7 @@ buffer_fill(const struct buffer *bb)
+ 	b->eoff = b->st.st_size - b->elen;
+ 	if (pread(b->fd, b->ebuf, b->elen, b->eoff) == -1) {
+ 		free(b->ebuf);
++		b->ebuf = NULL;
+ 		goto out;
+ 	}
+ 
diff --git a/file.changes b/file.changes
index 883b45b..d6c89ca 100644
--- a/file.changes
+++ b/file.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Jun 11 10:42:01 UTC 2019 - Dr. Werner Fink <werner@suse.de>
+
+- Add temporary patch file-upstream.patch
+  * Detect Android LOKI'd boot bootimgs
+  * buffer_fill: fix double free of `ebuf` on read error
+    (https://bugzilla.redhat.com/1685217)
+
 -------------------------------------------------------------------
 Mon May 27 09:26:52 UTC 2019 - Dr. Werner Fink <werner@suse.de>
 
diff --git a/file.spec b/file.spec
index 1923cfd..c9502d4 100644
--- a/file.spec
+++ b/file.spec
@@ -64,6 +64,7 @@ Patch35:        file-5.24-nitpick.dif
 Patch36:        file-5.15-clear-invalid.patch
 Patch37:        file-secure_getenv.patch
 Patch39:        file-5.28-btrfs-image.dif
+Patch42:        file-upstream.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %global         _sysconfdir /etc
 %global         _miscdir    %{_datadir}/misc
@@ -132,6 +133,7 @@ to develop applications that require the magic "file" interface.
 %patch36 -p1 -b .clear
 %patch37 -p1 -b .getenv
 %patch39 -p1 -b .btrfs
+%patch42 -p0 -b .tmp
 %patch -b .0
 test -s src/magic.h.in || cp -p src/magic.h src/magic.h.in
 rm -fv src/magic.h