diff --git a/fvwm-FvwmAuto-overflow.patch b/fvwm-FvwmAuto-overflow.patch
new file mode 100644
index 0000000..a0130a6
--- /dev/null
+++ b/fvwm-FvwmAuto-overflow.patch
@@ -0,0 +1,11 @@
+--- modules/FvwmAuto/FvwmAuto.c.orig
++++ modules/FvwmAuto/FvwmAuto.c
+@@ -340,6 +340,8 @@ main(int argc, char **argv)
+ 	{
+ 		len = max(len, strlen(leave_fn));
+ 	}
++	/* add space for newline and trailing 0 */
++	len += 2;
+ 	if (do_pass_id)
+ 	{
+ 		len += 32;
diff --git a/fvwm2.changes b/fvwm2.changes
index 4bb0b21..3b7ad5f 100644
--- a/fvwm2.changes
+++ b/fvwm2.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Jan 31 14:22:50 UTC 2023 - Reinhard Max <max@suse.com>
+
+- Fix a buffer overflow in the FvwmAuto module.
+  fvwm-FvwmAuto-overflow.patch 
+
 -------------------------------------------------------------------
 Tue Mar  3 09:30:08 UTC 2020 - Dr. Werner Fink <werner@suse.de>
 
diff --git a/fvwm2.spec b/fvwm2.spec
index 0377433..a1ca67c 100644
--- a/fvwm2.spec
+++ b/fvwm2.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package fvwm2
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -32,6 +32,7 @@ Patch0:         fvwm-configure.patch
 Patch1:         fvwm-2.5.26-sv_SE.patch
 Patch2:         fvwm-no-date-time.patch
 Patch3:         enable-more-mouse-buttons.patch
+Patch4:         fvwm-FvwmAuto-overflow.patch
 BuildRequires:  automake
 BuildRequires:  gcc-c++
 BuildRequires:  libpng-devel
@@ -63,7 +64,7 @@ Requires:       wallpaper-branding
 Requires:       xdg-menu
 Requires:       xli
 Requires(post): update-alternatives
-Requires(postun): update-alternatives
+Requires(postun):update-alternatives
 Provides:       fvwm
 Provides:       fvwmicns
 Provides:       windowmanager