diff --git a/fontforge-eof-crash.patch b/fontforge-eof-crash.patch
new file mode 100644
index 0000000..ebd405b
--- /dev/null
+++ b/fontforge-eof-crash.patch
@@ -0,0 +1,16 @@
+Index: fontforge/parsettf.c
+===================================================================
+--- fontforge/parsettf.c.orig	2016-01-26 09:01:44.025472518 +0100
++++ fontforge/parsettf.c	2016-01-26 09:04:24.853470665 +0100
+@@ -5185,7 +5185,10 @@
+ 	    /* the index table is backwards from the way I want to use it */
+ 	    gcbig = 0;
+ 	    for ( i=0; i<gc; ++i ) {
+-		indexes[val = getushort(ttf)] = i;
++		val = getushort(ttf);
++		if ( val<0 )            /* Don't crash on EOF */
++	    break;
++		indexes[val] = i;
+ 		if ( val>=258 ) ++gcbig;
+ 	    }
+ 
diff --git a/fontforge.changes b/fontforge.changes
index 3a3ffc8..95e2d79 100644
--- a/fontforge.changes
+++ b/fontforge.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Jan 26 08:10:44 UTC 2016 - pgajdos@suse.com
+
+- do not crash on invalid input data (when eof reached) [bsc#963023]
+  + fontforge-eof-crash.patch
+
 -------------------------------------------------------------------
 Wed Dec 16 14:03:36 UTC 2015 - pgajdos@suse.com
 
diff --git a/fontforge.spec b/fontforge.spec
index a7ab441..498e56d 100644
--- a/fontforge.spec
+++ b/fontforge.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package fontforge
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -32,6 +32,8 @@ Patch0:         propagate-creation-and-modification-times-to-ttf.patch
 # workardound for bug 930076, imho upstream should fix this
 # https://github.com/fontforge/fontforge/issues/2270
 Patch1:         fontforge-version.patch
+# https://github.com/fontforge/fontforge/pull/2613, bsc#963023
+Patch2:         fontforge-eof-crash.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  cairo-devel
@@ -99,6 +101,7 @@ to develop applications that use FontForge libraries.
 %setup -q
 %patch0 -p1
 %patch1
+%patch2
 sed -i 's/\r$//' doc/html/{Big5.txt,corpchar.txt}
 # workaround for bug 930076; we just need the _version_of_the_release_! (see also fontforge-version.patch) ---
 grep 'doversion(FONTFORGE_MODTIME_STR)' fontforgeexe/startnoui.c && \