diff --git a/gh-78214-marshal_stabilize_FLAG_REF.patch b/gh-78214-marshal_stabilize_FLAG_REF.patch
new file mode 100644
index 0000000..d255f3c
--- /dev/null
+++ b/gh-78214-marshal_stabilize_FLAG_REF.patch
@@ -0,0 +1,28 @@
+From 6c8ea7c1dacd42f3ba00440231ec0e6b1a38300d Mon Sep 17 00:00:00 2001
+From: Inada Naoki
+Date: Sat, 14 Jul 2018 00:46:11 +0900
+Subject: [PATCH] Use FLAG_REF always for interned strings
+
+---
+ Python/marshal.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+--- a/Python/marshal.c
++++ b/Python/marshal.c
+@@ -298,9 +298,14 @@ w_ref(PyObject *v, char *flag, WFILE *p)
+ if (p->version < 3 || p->hashtable == NULL)
+ return 0; /* not writing object references */
+
+- /* if it has only one reference, it definitely isn't shared */
+- if (Py_REFCNT(v) == 1)
++ /* If it has only one reference, it definitely isn't shared.
++ * But we use TYPE_REF always for interned string, to PYC file stable
++ * as possible.
++ */
++ if (Py_REFCNT(v) == 1 &&
++ !(PyUnicode_CheckExact(v) && PyUnicode_CHECK_INTERNED(v))) {
+ return 0;
++ }
+
+ entry = _Py_hashtable_get_entry(p->hashtable, v);
+ if (entry != NULL) {
diff --git a/python39.changes b/python39.changes
index d954c25..ea75588 100644
--- a/python39.changes
+++ b/python39.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Wed Jul 19 11:15:39 UTC 2023 - Matej Cepl
+
+- Add gh-78214-marshal_stabilize_FLAG_REF.patch to marshal.c for
+ stabilizing FLAG_REF usage (required for reproduceability;
+ bsc#1213463).
+
+-------------------------------------------------------------------
+Fri Jul 14 10:25:54 UTC 2023 - Matej Cepl
+
+- Revert faulty fix for CVE-2023-27043 (gh#python/cpython#106669)
+
 -------------------------------------------------------------------
 Fri Jun 30 20:23:43 UTC 2023 - Matej Cepl
diff --git a/python39.spec b/python39.spec
index 52ef175..f6e85fb 100644
--- a/python39.spec
+++ b/python39.spec
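Review bot: In the embedded marshal.c hunk, the new condition in w_ref exempts only exact-type interned strings from the refcount shortcut, so for every other object `Py_REFCNT(v) == 1` still decides whether the reference path is taken. If reproducible .pyc output is the goal, as the changelog entry says, the comment should state that this remaining dependency on the reference count at dump time is accepted. The added comment also says TYPE_REF where the patch subject says FLAG_REF, and its second sentence is hard to parse. I would replace it with `/* Interned strings always take the reference path, so FLAG_REF does not depend on the refcount at dump time and .pyc output stays stable; other objects still use the refcount shortcut. */`. w_ref starts and ends outside the hunk, so how `flag` is set after the hashtable lookup is not visible here.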
@@ -161,6 +161,9 @@ Patch35: support-expat-CVE-2022-25236-patched.patch
 # PATCH-FIX-UPSTREAM 98437-sphinx.locale._-as-gettext-in-pyspecific.patch gh#python/cpython#98366 mcepl@suse.com
 # this patch makes things totally awesome
 Patch37: 98437-sphinx.locale._-as-gettext-in-pyspecific.patch
+# PATCH-FIX-UPSTREAM gh-78214-marshal_stabilize_FLAG_REF.patch bsc#1213463 mcepl@suse.com
+# marshal: Stabilize FLAG_REF usage
+Patch39: gh-78214-marshal_stabilize_FLAG_REF.patch
 # PATCH-FIX-UPSTREAM 99366-patch.dict-can-decorate-async.patch bsc#[0-9]+ mcepl@suse.com
 # Patch for gh#python/cpython#98086
 Patch40: 99366-patch.dict-can-decorate-async.patch
@@ -425,6 +428,7 @@ other applications.
 %endif
 %patch35 -p1
 %patch37 -p1
+%patch39 -p1
 %patch40 -p1
 %if 0%{?sle_version} && 0%{?sle_version} <= 150500
 %patch41 -p1