diff --git a/groff-1.20.1-CVE-2009-5044.patch b/groff-1.20.1-CVE-2009-5044.patch
new file mode 100644
index 0000000..46886fa
--- /dev/null
+++ b/groff-1.20.1-CVE-2009-5044.patch
@@ -0,0 +1,55 @@
+Index: groff-1.20.1/contrib/pdfmark/pdfroff.sh
+===================================================================
+--- groff-1.20.1.orig/contrib/pdfmark/pdfroff.sh	2011-06-09 10:41:29.000000000 +0200
++++ groff-1.20.1/contrib/pdfmark/pdfroff.sh	2011-06-09 10:54:58.208448083 +0200
+@@ -145,14 +145,16 @@
+ 
+   GROFF_TMPDIR=${WRKDIR}
+ 
+-  WRKFILE=${GROFF_TMPDIR}/pdf$$.tmp
++  WRKFILE=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.tmp`
+ #
+-  REFCOPY=${GROFF_TMPDIR}/pdf$$.cmp
+-  REFFILE=${GROFF_TMPDIR}/pdf$$.ref
++  REFCOPY=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.cmp`
++  REFFILE=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.ref`
+ #
+   CS_DATA=""
+-  TC_DATA=${GROFF_TMPDIR}/pdf$$.tc
+-  BD_DATA=${GROFF_TMPDIR}/pdf$$.ps
++  TC_DATA=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.tc`
++  BD_DATA=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.ps`
++
++  STREAMFILE=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.in`
+ #
+ # Initialise 'groff' format control settings,
+ # to discriminate table of contents and document body formatting passes.
+@@ -305,7 +307,7 @@
+                ;;
+ 
+              --stylesheet)
+-               STYLESHEET="$OPTARG" CS_DATA=${GROFF_TMPDIR}/pdf$$.cs
++               STYLESHEET="$OPTARG" CS_DATA=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.cs`
+                ;;
+ 
+ 	     --no-toc-relocation)
+@@ -338,7 +340,7 @@
+ #     so set up a mechanism to achieve this, for ALL 'groff' passes.
+ #
+       - | -i*)
+-	   STREAM="$CAT ${GROFF_TMPDIR}/pdf$$.in |"
++	   STREAM="$CAT ${STREAMFILE} |"
+ 	   test "$1" = "-" && INPUT_FILES="$INPUT_FILES $1" \
+ 	     || GROFF_STYLE="$GROFF_STYLE $1" 
+ 	   ;;
+@@ -410,8 +412,8 @@
+ # or if no input files are specified, then we need to capture STDIN,
+ # so we can replay it into each 'groff' processing pass.
+ #
+-  test -z "$INPUT_FILES" && STREAM="$CAT ${GROFF_TMPDIR}/pdf$$.in |"
+-  test -n "$STREAM" && $CAT > ${GROFF_TMPDIR}/pdf$$.in
++  test -z "$INPUT_FILES" && STREAM="$CAT ${STREAMFILE} |"
++  test -n "$STREAM" && $CAT > ${STREAMFILE}
+ #
+ # Unless reference resolution is explicitly suppressed,
+ # we initiate it by touching the cross reference dictionary file,
diff --git a/groff-1.20.1-deunicode.patch b/groff-1.20.1-deunicode.patch
index 76bf582..dc62bc5 100644
--- a/groff-1.20.1-deunicode.patch
+++ b/groff-1.20.1-deunicode.patch
@@ -1,24 +1,17 @@
 Index: groff-1.20.1/tmac/tty.tmac
 ===================================================================
 --- groff-1.20.1.orig/tmac/tty.tmac	2009-01-09 15:25:52.000000000 +0100
-+++ groff-1.20.1/tmac/tty.tmac	2011-06-06 12:03:56.471652140 +0200
-@@ -66,7 +66,7 @@
++++ groff-1.20.1/tmac/tty.tmac	2011-06-08 11:06:28.611516653 +0200
+@@ -65,8 +65,11 @@
+ .fchar \[.i] i
  .fchar \[bq] ,
  .
- .if '\*[.T]'utf8' \
--.  mso unicode.tmac
-+.  mso deunicode.tmac
+-.if '\*[.T]'utf8' \
++.if '\*[.T]'utf8' \{\
+ .  mso unicode.tmac
++.\" use ascii hyphenation characters - bnc#68385
++.  shc -
++.\}
  .
  .\" color definitions
  .defcolor black rgb #000000
-Index: groff-1.20.1/tmac/deunicode.tmac
-===================================================================
---- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ groff-1.20.1/tmac/deunicode.tmac	2011-06-06 12:05:47.272652051 +0200
-@@ -0,0 +1,6 @@
-+.\" deunicode.tmac
-+.\"
-+.char \[hy] -
-+.char \[oq] `
-+.char \[cq] '
-+.\" EOF
diff --git a/groff.changes b/groff.changes
index db115c0..d6d8451 100644
--- a/groff.changes
+++ b/groff.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Wed Jun  8 09:06:44 UTC 2011 - mvyskocil@suse.cz
+
+- fix bnc#698290: insecure temporary file handling in pdfroff
+  * groff-1.20.1-CVE-2009-5044.patch
+- fix bnc#683857: Unicode characters in use properly
+  * change the soft hyphenation char to - in tty.tmac
+
 -------------------------------------------------------------------
 Mon Jun  6 10:10:08 UTC 2011 - mvyskocil@suse.cz
 
diff --git a/groff.spec b/groff.spec
index d7096c8..0d8445b 100644
--- a/groff.spec
+++ b/groff.spec
@@ -38,6 +38,7 @@ Patch1:         groff-1.20.1-destbufferoverflow.patch
 Patch2:         groff-1.20.1-nroff-empty-LANGUAGE.patch
 Patch3:         groff-1.20.1-groffer-libexecdir.patch
 Patch4:         groff-1.20.1-deunicode.patch
+Patch5:         groff-1.20.1-CVE-2009-5044.patch
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  gcc-c++
@@ -86,6 +87,7 @@ programs store their man pages in either /usr/share/man/ or
 %patch2 -p1 -b .bnc540600
 %patch3 -p1 -b .groffer-libexecdir
 %patch4 -p1 -b .deunicode
+%patch5 -p1 -b .CVE-2009-5044
 
 %build
 PATH=$PWD/src/roff/troff:$PWD/src/preproc/pic:$PWD/src/preproc/eqn:$PWD/src/preproc/tbl:$PWDsrc/preproc/refer:$PWD/src/preproc/soelim:$PATH
diff --git a/gxditview.changes b/gxditview.changes
index 4b358c9..b12c1c9 100644
--- a/gxditview.changes
+++ b/gxditview.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed Jun  8 09:52:07 UTC 2011 - mvyskocil@suse.cz
+
+- fix #bnc#668254: xditview don't show tilde
+  * gxditview Supplements the groff and X11 libs
+
 -------------------------------------------------------------------
 Thu Apr 28 12:04:23 UTC 2011 - mvyskocil@suse.cz
 
diff --git a/gxditview.spec b/gxditview.spec
index 766d9c4..b8bbdce 100644
--- a/gxditview.spec
+++ b/gxditview.spec
@@ -36,6 +36,8 @@ BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  gcc-c++
 BuildRequires:  xorg-x11-devel
 Requires:       groff
+# bnc#668254
+Supplements:    packageand(groff:xorg-x11-libX11)
 Conflicts:      jgxdview
 Provides:       gxdview = %{version}-%{release}
 Obsoletes:      gxdview < %{version}