diff --git a/libidn-CVE-2017-14062.patch b/libidn-CVE-2017-14062.patch
new file mode 100644
index 0000000..850b700
--- /dev/null
+++ b/libidn-CVE-2017-14062.patch
@@ -0,0 +1,33 @@
+Index: libidn-1.28/lib/punycode.c
+===================================================================
+--- libidn-1.28.orig/lib/punycode.c
++++ libidn-1.28/lib/punycode.c
+@@ -89,11 +89,11 @@ enum
+ /* point (for use in representing integers) in the range 0 to */
+ /* base-1, or base if cp does not represent a value. */
+
+-static punycode_uint
+-decode_digit (punycode_uint cp)
++static unsigned
++decode_digit (int cp)
+ {
+- return cp - 48 < 10 ? cp - 22 : cp - 65 < 26 ? cp - 65 :
+- cp - 97 < 26 ? cp - 97 : base;
++ return (unsigned) (cp - 48 < 10 ? cp - 22 : cp - 65 < 26 ? cp - 65 :
++ cp - 97 < 26 ? cp - 97 : base);
+ }
+
+ /* encode_digit(d,flag) returns the basic code point whose value */
+Index: libidn-1.28/tests/tst_idna.c
+===================================================================
+--- libidn-1.28.orig/tests/tst_idna.c
++++ libidn-1.28/tests/tst_idna.c
+@@ -211,7 +211,7 @@ static const struct idna idna[] = {
+ 'x', 'n', '-', '-', 'f', 'o', 0x3067},
+ IDNA_ACE_PREFIX "too long too long too long too long too long too "
+ "long too long too long too long too long ", 0,
+- IDNA_CONTAINS_ACE_PREFIX, IDNA_PUNYCODE_ERROR}
++ IDNA_CONTAINS_ACE_PREFIX, IDNA_INVALID_LENGTH}
+ };
+
+ void
diff --git a/libidn.changes b/libidn.changes
index bd4386e..f2377d2 100644
--- a/libidn.changes
+++ b/libidn.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Mar 26 08:36:44 UTC 2018 - tchvatal@suse.com
+
+- Add patch to fix bsc#1056450 CVE-2017-14062:
+ * libidn-CVE-2017-14062.patch
+
 -------------------------------------------------------------------
 Thu Feb 22 15:10:36 UTC 2018 - fvogt@suse.com
diff --git a/libidn.spec b/libidn.spec
index b352736..99ef20f 100644
--- a/libidn.spec
+++ b/libidn.spec
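Review bot: In the `decode_digit` carried by the added libidn-CVE-2017-14062.patch, taking `int cp` turns `cp - 48 < 10` into a signed comparison, so it holds for every `cp` below 58 and not only for the digits 48–57. Code points 22–47 (space and ASCII punctuation) are then returned as `cp - 22`, i.e. 0–25, which is a valid digit if `base` is 36 as in the Punycode parameters; under the old unsigned arithmetic those inputs wrapped and fell through to `base`. Explicit range tests keep the rejection: `return (unsigned) (cp >= 48 && cp < 58 ? cp - 22 : cp >= 65 && cp < 91 ? cp - 65 : cp >= 97 && cp < 123 ? cp - 97 : base);`. The callers lie outside this hunk, so whether they filter such bytes before calling cannot be confirmed from here.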
@@ -21,14 +21,19 @@ Name: libidn
 Version: 1.33
 Release: 0
 Summary: Support for Internationalized Domain Names (IDN)
-License: (GPL-2.0+ or LGPL-3.0+) and GPL-3.0+ and Apache-2.0
+License: (GPL-2.0-or-later OR LGPL-3.0-or-later) AND GPL-3.0-or-later AND Apache-2.0
 Group: Development/Libraries/C and C++
-Url: http://www.gnu.org/software/libidn/
+URL: http://www.gnu.org/software/libidn/
 Source0: http://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.gz
 Source1: http://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.gz.sig
 Source2: libidn.keyring
 Source3: baselibs.conf
 Patch0: libidn-gcc7-part1.patch
+Patch1: libidn-CVE-2017-14062.patch
+BuildRequires: autoconf
+BuildRequires: automake
+BuildRequires: libtool
+BuildRequires: makeinfo
 BuildRequires: pkgconfig
 Requires(post): %{install_info_prereq}
@@ -47,7 +52,7 @@ IDNA is supported.
 %package tools
 Summary: Command line utility to convert Int. Domain Names
-License: (GPL-2.0+ or LGPL-3.0+) and GPL-3.0+
+License: (GPL-2.0-or-later OR LGPL-3.0-or-later) AND GPL-3.0-or-later
 Group: Productivity/Networking/DNS/Utilities
 %description tools
@@ -65,7 +70,7 @@ Compatible Encoding (ACE) via IDNA is supported.
 %package -n %{lname}
 Summary: Support for Internationalized Domain Names (IDN)
-License: (GPL-2.0+ or LGPL-3.0+) and GPL-3.0+
+License: (GPL-2.0-or-later OR LGPL-3.0-or-later) AND GPL-3.0-or-later
 Group: System/Libraries
 %description -n %{lname}
@@ -83,7 +88,7 @@ Compatible Encoding (ACE) via IDNA is supported.
 %package devel
 Summary: Include Files and Libraries mandatory for Development
-License: LGPL-2.1+
+License: LGPL-2.1-or-later
 Group: Development/Libraries/C and C++
 Requires: %{lname} = %{version}
 Requires: glibc-devel
@@ -104,8 +109,10 @@ IDNA is supported.
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
 %build
+autoreconf -fvi
 %configure \
 --disable-silent-rules \
 --with-pic \
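Review bot: `Patch1` in the first hunk is added without a comment saying where the fix comes from, and the patch file's own headers name libidn-1.28 while this spec builds Version 1.33. A line above it such as `# PATCH-FIX-UPSTREAM bsc#1056450 CVE-2017-14062 -- <upstream commit or advisory URL>` would let a later maintainer compare the backport with upstream and drop it at the next version bump. Since the hunk offsets were computed for a different release, it is also worth confirming that `%patch1 -p1` in the `%prep` hunk applies without fuzz.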
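Review bot: `autoreconf -fvi` in the `%build` hunk, together with the four new `BuildRequires` in the first hunk, regenerates the build system even though the added patch appears to touch only lib/punycode.c and tests/tst_idna.c. If nothing else needs it, leaving it out keeps the build on the `configure` shipped in the tarball that `Source1`/`Source2` are there to verify, and avoids four extra build dependencies. If it is needed, for example by libidn-gcc7-part1.patch, which is not shown here, a comment above the call such as `# regenerate: <patch name> changes <autotools input file>` would record why.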
@@ -134,23 +141,20 @@ make check %{?_smp_mflags}
 %postun -n %{lname} -p /sbin/ldconfig
 %files tools -f %{name}.lang
-%defattr(-,root,root)
 %dir %{_datadir}/emacs
 %dir %{_datadir}/emacs/site-lisp
 %doc AUTHORS ChangeLog FAQ NEWS README THANKS TODO
 %{_infodir}/libidn*
 %{_bindir}/idn
-%{_mandir}/man1/idn.1%{ext_man}
+%{_mandir}/man1/idn.1%{?ext_man}
 %{_datadir}/emacs/site-lisp/idna.el
 %{_datadir}/emacs/site-lisp/punycode.el
 %files -n %{lname}
-%defattr(-,root,root)
 %license COPYING*
 %{_libdir}/libidn.so.11*
 %files devel
-%defattr(-,root,root)
 %{_libdir}/libidn.so
 %{_includedir}/*.h
 %{_libdir}/pkgconfig/libidn.pc