diff --git a/xdg-open-be-more-paranoid-in-escaping.patch b/xdg-open-be-more-paranoid-in-escaping.patch
new file mode 100644
index 0000000..5d366e3
--- /dev/null
+++ b/xdg-open-be-more-paranoid-in-escaping.patch
@@ -0,0 +1,50 @@
+From: Jiri Slaby <jslaby@suse.cz>
+Date: Mon, 20 May 2013 13:53:04 +0200
+Subject: xdg-open: be more paranoid in escaping
+Patch-mainline: not yet, submitted 2013/05/20
+References: bnc#811959
+
+When trying to open URLs like:
+  http://www.google.com/search?hl=en&q=HTTP+'M-SEARCH * HTTP/1.1\r\n'
+we fail terribly in the generic case. \r and \n are replaced by line
+feed+CR, * is replaced by the contents of the current directory.
+
+So escape all those before used and expanded by sed. And also later
+when invoking.
+
+Signed-off-by: Jiri Slaby <jslaby@suse.cz>
+---
+ scripts/xdg-open.in | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/scripts/xdg-open.in b/scripts/xdg-open.in
+index eda1cfb..0934142 100644
+--- a/scripts/xdg-open.in
++++ b/scripts/xdg-open.in
+@@ -135,16 +135,16 @@ search_desktop_file()
+         command="`grep -E "^Exec(\[[^]=]*])?=" "$file" | cut -d= -f 2- | first_word`"
+         command_exec=`which $command 2>/dev/null`
+         arguments="`grep -E "^Exec(\[[^]=]*])?=" "$file" | cut -d= -f 2- | last_word`"
+-        arg_one="`echo $arg | sed 's/&/\\\\&/g'`"
+-        arguments_exec="`echo $arguments | sed -e 's*%[fFuU]*"'"$arg_one"'"*g'`"
++        arg_one="`echo "$arg" | sed 's/[&*\\]/\\\\&/g'`"
++        arguments_exec="`echo "$arguments" | sed -e 's*%[fFuU]*"'"$arg_one"'"*g'`"
+ 
+         if [ -x "$command_exec" ] ; then
+-            if echo $arguments | grep -iq '%[fFuU]' ; then
+-                echo START $command_exec $arguments_exec
+-                eval $command_exec $arguments_exec
++            if echo "$arguments" | grep -iq '%[fFuU]' ; then
++                echo START "$command_exec" "$arguments_exec"
++                eval "$command_exec" "$arguments_exec"
+             else
+-                echo START $command_exec $arguments_exec "$arg"
+-                eval $command_exec $arguments_exec "$arg"
++                echo START "$command_exec" "$arguments_exec" "$arg"
++                eval "$command_exec" "$arguments_exec" "$arg"
+             fi
+ 
+             if [ $? -eq 0 ]; then
+-- 
+1.8.2.3
+
diff --git a/xdg-utils-20120916.tar.xz b/xdg-utils-20120916.tar.xz
deleted file mode 100644
index b5c2e59..0000000
--- a/xdg-utils-20120916.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:50f1b375de7b1717ade76d1e0429760aca4ce870b1b4d6cbe20391ae2c22b082
-size 277108
diff --git a/xdg-utils-20121008.tar.xz b/xdg-utils-20121008.tar.xz
new file mode 100644
index 0000000..0bd3a25
--- /dev/null
+++ b/xdg-utils-20121008.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a9958811bc3b145b4e5cbbbd810d5784fe40faffb4ff3ed31f1d938c3e26d8b4
+size 272688
diff --git a/xdg-utils.changes b/xdg-utils.changes
index c3a1986..e343138 100644
--- a/xdg-utils.changes
+++ b/xdg-utils.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon May 20 11:57:03 UTC 2013 - jslaby@suse.com
+
+- update to 20121008
+  * xdg-mime does not search mimeinfo.cache (BR31629)
+- xdg-open-be-more-paranoid-in-escaping.patch: xdg-open: be more
+  paranoid in escaping (bnc#811959)
+
 -------------------------------------------------------------------
 Mon Sep 17 13:24:00 UTC 2012 - jslaby@suse.com
 
diff --git a/xdg-utils.spec b/xdg-utils.spec
index 3408a62..5fe26b4 100644
--- a/xdg-utils.spec
+++ b/xdg-utils.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package xdg-utils
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -25,7 +25,7 @@ BuildRequires:  w3m
 Summary:        Utilities to uniformly interface desktop environments
 License:        MIT
 Group:          System/GUI/Other
-Version:        20120916
+Version:        20121008
 Release:        0
 BuildArch:      noarch
 Url:            http://portland.freedesktop.org/
@@ -33,6 +33,7 @@ BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 # http://portland.freedesktop.org/download/xdg-utils-%%{version}.tgz
 Source0:        xdg-utils-%{version}.tar.xz
 Patch0:         install-some-more-scripts.diff
+Patch1:         xdg-open-be-more-paranoid-in-escaping.patch
 Patch8:         xdg-screensaver-gnome-perl.diff
 Requires:       perl
 Requires:       perl-Net-DBus
@@ -56,6 +57,7 @@ these utilities work properly in their environment.
 %prep
 %setup -q -n %name-%{version}
 %patch0 -p1
+%patch1 -p1
 %patch8 -p1
 
 %build