diff --git a/libxslt-CVE-2019-18197.patch b/libxslt-CVE-2019-18197.patch
new file mode 100644
index 0000000..9c58ff8
--- /dev/null
+++ b/libxslt-CVE-2019-18197.patch
@@ -0,0 +1,30 @@
+From 2232473733b7313d67de8836ea3b29eec6e8e285 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer
+Date: Sat, 17 Aug 2019 16:51:53 +0200
+Subject: [PATCH] Fix dangling pointer in xsltCopyText
+
+xsltCopyText didn't reset ctxt->lasttext in some cases which could
+lead to various memory errors in relation with CDATA sections in input
+documents.
+
+Found by OSS-Fuzz.
+---
+ libxslt/transform.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libxslt/transform.c b/libxslt/transform.c
+index 95ebd073..d7ab0b66 100644
+--- a/libxslt/transform.c
++++ b/libxslt/transform.c
+@@ -1094,6 +1094,8 @@ xsltCopyText(xsltTransformContextPtr ctxt, xmlNodePtr target,
+ if ((copy->content = xmlStrdup(cur->content)) == NULL)
+ return NULL;
+ }
++
++ ctxt->lasttext = NULL;
+ } else {
+ /*
+ * normal processing. keep counters to extend the text node
+--
+2.22.0
+
diff --git a/libxslt.changes b/libxslt.changes
index f0b466f..a775489 100644
--- a/libxslt.changes
+++ b/libxslt.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Oct 21 13:55:37 UTC 2019 - Pedro Monreal Gonzalez
+
+- Security fix [bsc#1154609, CVE-2019-18197]
+ * Fix dangling pointer in xsltCopyText
+ * Add libxslt-CVE-2019-18197.patch
+
 -------------------------------------------------------------------
 Tue Oct 1 08:24:01 UTC 2019 - Tomáš Chvátal
 
diff --git a/libxslt.spec b/libxslt.spec
index f9d8452..4f23698 100644
--- a/libxslt.spec
+++ b/libxslt.spec
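Review bot: In the xsltCopyText hunk carried by libxslt-CVE-2019-18197.patch, the added `ctxt->lasttext = NULL;` sits after the `return NULL` taken when `xmlStrdup(cur->content)` fails, so that error path leaves the branch without clearing the cached pointer. Whether `lasttext` can still be stale on that path depends on code outside the hunk and should be confirmed against the full function. If it can, the failure branch should clear it as well, for example `if ((copy->content = xmlStrdup(cur->content)) == NULL) { ctxt->lasttext = NULL; return NULL; }`. A short comment above the reset, such as `/* this branch does not extend the cached text node, so forget it */`, would record why the line is there. xsltCopyText starts and ends outside the hunk.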
@@ -40,6 +40,8 @@ Patch4: libxslt-CVE-2019-11068.patch
 Patch5: libxslt-CVE-2019-13117.patch
 # PATCH-FIX-UPSTREAM bsc#1140101 CVE-2019-13118 Fix uninitialized read with UTF-8 grouping chars
 Patch6: libxslt-CVE-2019-13118.patch
+# PATCH-FIX-UPSTREAM bsc#1154609 CVE-2019-18197 Fix dangling pointer in xsltCopyText
+Patch7: libxslt-CVE-2019-18197.patch
 BuildRequires: libgcrypt-devel
 BuildRequires: libgpg-error-devel
 BuildRequires: libtool
@@ -112,6 +114,7 @@ xtend the
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
 
 %build
 autoreconf -fvi