diff --git a/groff-1.18.1.1-destbufferoverflow.patch b/groff-1.18.1.1-destbufferoverflow.patch
new file mode 100644
index 0000000..1718d91
--- /dev/null
+++ b/groff-1.18.1.1-destbufferoverflow.patch
@@ -0,0 +1,13 @@
+Index: src/devices/grops/ps.cc
+===================================================================
+--- src/devices/grops/ps.cc.orig	2002-06-19 23:07:33.000000000 +0200
++++ src/devices/grops/ps.cc	2008-10-07 23:57:44.000000000 +0200
+@@ -739,7 +739,7 @@ void ps_printer::encode_fonts()
+ {
+   if (next_encoding_index == 0)
+     return;
+-  char *done_encoding = new char[next_encoding_index];
++  char *done_encoding = new char[next_encoding_index +1];
+   for (int i = 0; i < next_encoding_index; i++)
+     done_encoding[i] = 0;
+   for (font_pointer_list *f = font_list; f; f = f->next) {
diff --git a/groff.changes b/groff.changes
index b96e0ca..58b34db 100644
--- a/groff.changes
+++ b/groff.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Wed Oct  8 02:10:33 CEST 2008 - crrodriguez@suse.de
+
+- fix buffer overflow in ps.cc 
+
 -------------------------------------------------------------------
 Mon Oct  6 22:15:13 CEST 2008 - meissner@suse.de
 
diff --git a/groff.spec b/groff.spec
index d81c696..4e5a6ed 100644
--- a/groff.spec
+++ b/groff.spec
@@ -29,7 +29,7 @@ Obsoletes:      jgroff
 PreReq:         %fillup_prereq %install_info_prereq
 AutoReqProv:    on
 Version:        1.18.1.1
-Release:        164
+Release:        165
 Summary:        GNU troff Document Formatting System
 Url:            http://www.gnu.org/software/groff/groff.html
 # cvs -z3 -d:pserver:anonymous@cvs.savannah.gnu.org:/sources/groff co groff
@@ -52,6 +52,7 @@ Patch10:        bugzilla-217106-too-few-arguments-in-function-call.patch
 Patch11:        bugzilla-292412-special-encoding-handling-also-for-chinese.patch
 Patch12:        gcc43.patch
 Patch13:        fgets-overflow.patch
+Patch14:        groff-1.18.1.1-destbufferoverflow.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -86,6 +87,7 @@ Authors:
 %patch11 -p1
 %patch12 -p0
 %patch13 -p0
+%patch14
 
 %build
 # remove empty backups
@@ -187,6 +189,8 @@ popd
 /var/adm/fillup-templates/sysconfig.suseconfig-groff
 
 %changelog
+* Wed Oct 08 2008 crrodriguez@suse.de
+- fix buffer overflow in ps.cc
 * Tue Oct 07 2008 meissner@suse.de
 - fixed fgets overflow
 - fixed some rpmlint issues
diff --git a/gxdview.spec b/gxdview.spec
index e221ea9..422e4cf 100644
--- a/gxdview.spec
+++ b/gxdview.spec
@@ -25,7 +25,7 @@ AutoReqProv:    on
 Requires:       groff
 Conflicts:      jgxdview
 Version:        1.18.1.1
-Release:        205
+Release:        206
 Summary:        Ditroff Output Displayer for Groff
 Url:            http://www.gnu.org/software/groff/groff.html
 Source0:        ftp://ftp.gnu.org/gnu/groff/groff-1.18.1.1.tar.bz2