diff --git a/htmldoc-CVE-2024-45508.patch b/htmldoc-CVE-2024-45508.patch
new file mode 100644
index 0000000..88b8046
--- /dev/null
+++ b/htmldoc-CVE-2024-45508.patch
@@ -0,0 +1,13 @@
+Index: htmldoc-1.9.18/htmldoc/ps-pdf.cxx
+===================================================================
+--- htmldoc-1.9.18.orig/htmldoc/ps-pdf.cxx
++++ htmldoc-1.9.18/htmldoc/ps-pdf.cxx
+@@ -5234,7 +5234,7 @@ parse_paragraph(tree_t *t, /* I - Tree t
+ if (temp->markup != MARKUP_A)
+ break;
+
+- if (temp != NULL && temp->markup == MARKUP_NONE && temp->data[0] == ' ')
++ if (temp != NULL && temp->markup == MARKUP_NONE && temp->data[0] == ' ' && temp->data[1])
+ {
+ // Drop leading space...
+ for (dataptr = temp->data; *dataptr; dataptr ++)
diff --git a/htmldoc.changes b/htmldoc.changes
index fbc52f2..c972b0f 100644
--- a/htmldoc.changes
+++ b/htmldoc.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon Sep 2 12:48:22 UTC 2024 - pgajdos@suse.com
+
+- security update
+- added patches
+ fix CVE-2024-45508 [bsc#1230022], HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node.
+ + htmldoc-CVE-2024-45508.patch
+
-------------------------------------------------------------------
Thu Feb 15 08:06:02 UTC 2024 - pgajdos@suse.com
diff --git a/htmldoc.spec b/htmldoc.spec
index 3ba0984..c5f18e6 100644
--- a/htmldoc.spec
+++ b/htmldoc.spec
@@ -24,6 +24,8 @@ License: LGPL-2.1-or-later
Group: Productivity/Publishing/HTML/Tools
URL: https://michaelrsweet.github.io/htmldoc/index.html
Source: https://github.com/michaelrsweet/htmldoc/releases/download/v%{version}/htmldoc-%{version}-source.tar.gz
+# CVE-2024-45508 [bsc#1230022], HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node.
+Patch0: htmldoc-CVE-2024-45508.patch
BuildRequires: cups-devel
BuildRequires: fltk-devel
BuildRequires: gcc-c++