diff --git a/SOURCES/ImageMagick-cve-2020-29599.patch b/SOURCES/ImageMagick-cve-2020-29599.patch
new file mode 100644
index 0000000..6870f34
--- /dev/null
+++ b/SOURCES/ImageMagick-cve-2020-29599.patch
@@ -0,0 +1,78 @@
+diff -up ImageMagick-6.9.10-68/coders/pdf.c.authenticate ImageMagick-6.9.10-68/coders/pdf.c
+--- ImageMagick-6.9.10-68/coders/pdf.c.authenticate	2019-10-06 00:26:16.000000000 +0200
++++ ImageMagick-6.9.10-68/coders/pdf.c	2020-12-18 09:59:52.319382761 +0100
+@@ -364,6 +364,36 @@ static inline void CleanupPDFInfo(PDFInf
+     pdf_info->profile=DestroyStringInfo(pdf_info->profile);
+ }
+ 
++static char *SanitizeDelegateString(const char *source)
++{
++  char
++    *sanitize_source;
++
++  const char
++    *q;
++
++  register char
++    *p;
++
++  static char
++#if defined(MAGICKCORE_WINDOWS_SUPPORT)
++    whitelist[] =
++      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789 "
++      "$-_.+!;*(),{}|^~[]`\'><#%/?:@&=";
++#else
++    whitelist[] =
++      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789 "
++      "$-_.+!;*(),{}|\\^~[]`\"><#%/?:@&=";
++#endif
++
++  sanitize_source=AcquireString(source);
++  p=sanitize_source;
++  q=sanitize_source+strlen(sanitize_source);
++  for (p+=strspn(p,whitelist); p != q; p+=strspn(p,whitelist))
++    *p='_';
++  return(sanitize_source);
++}
++
+ static Image *ReadPDFImage(const ImageInfo *image_info,ExceptionInfo *exception)
+ {
+   char
+@@ -585,11 +615,19 @@ static Image *ReadPDFImage(const ImageIn
+   if (option != (char *) NULL)
+     {
+       char
+-        passphrase[MaxTextExtent];
++        passphrase[MagickPathExtent],
++        *sanitize_passphrase;
+ 
+-      (void) FormatLocaleString(passphrase,MaxTextExtent,
+-        "\"-sPDFPassword=%s\" ",option);
+-      (void) ConcatenateMagickString(options,passphrase,MaxTextExtent);
++      sanitize_passphrase=SanitizeDelegateString(image_info->authenticate);
++#if defined(MAGICKCORE_WINDOWS_SUPPORT)
++      (void) FormatLocaleString(passphrase,MagickPathExtent,
++        "\"-sPDFPassword=%s\" ",sanitize_passphrase);
++#else
++      (void) FormatLocaleString(passphrase,MagickPathExtent,
++        "'-sPDFPassword=%s' ",sanitize_passphrase);
++#endif
++      sanitize_passphrase=DestroyString(sanitize_passphrase);
++      (void) ConcatenateMagickString(options,passphrase,MagickPathExtent);
+     }
+   read_info=CloneImageInfo(image_info);
+   *read_info->magick='\0';
+diff -up ImageMagick-6.9.10-68/config/delegates.xml.in.authenticate ImageMagick-6.9.10-68/config/delegates.xml.in
+--- ImageMagick-6.9.10-68/config/delegates.xml.in.authenticate	2019-10-06 00:26:16.000000000 +0200
++++ ImageMagick-6.9.10-68/config/delegates.xml.in	2020-12-18 10:02:24.491442232 +0100
+@@ -90,8 +90,8 @@
+   <delegate decode="pcl:cmyk" stealth="True" command="&quot;@PCLDelegate@&quot; -dQUIET -dSAFER -dBATCH -dNOPAUSE -dNOPROMPT -dMaxBitmap=500000000 -dAlignToPixels=0 -dGridFitTT=2 &quot;-sDEVICE=@PCLCMYKDevice@&quot; -dTextAlphaBits=%u -dGraphicsAlphaBits=%u &quot;-r%s&quot; %s &quot;-sOutputFile=%s&quot; &quot;%s&quot;"/>
+   <delegate decode="pcl:color" stealth="True" command="&quot;@PCLDelegate@&quot; -dQUIET -dSAFER -dBATCH -dNOPAUSE -dNOPROMPT -dMaxBitmap=500000000 -dAlignToPixels=0 -dGridFitTT=2 &quot;-sDEVICE=@PCLColorDevice@&quot; -dTextAlphaBits=%u -dGraphicsAlphaBits=%u &quot;-r%s&quot; %s &quot;-sOutputFile=%s&quot; &quot;%s&quot;"/>
+   <delegate decode="pcl:mono" stealth="True" command="&quot;@PCLDelegate@&quot; -dQUIET -dSAFER -dBATCH -dNOPAUSE -dNOPROMPT -dMaxBitmap=500000000 -dAlignToPixels=0 -dGridFitTT=2 &quot;-sDEVICE=@PCLMonoDevice@&quot; -dTextAlphaBits=%u -dGraphicsAlphaBits=%u &quot;-r%s&quot; %s &quot;-sOutputFile=%s&quot; &quot;%s&quot;"/>
+-  <delegate decode="pdf" encode="eps" mode="bi" command="&quot;@PSDelegate@&quot; -sstdout=%%stderr -dQUIET -dSAFER -dBATCH -dNOPAUSE -dNOPROMPT -dMaxBitmap=500000000 -dAlignToPixels=0 -dGridFitTT=2 -sPDFPassword=&quot;%a&quot; &quot;-sDEVICE=@GSEPSDevice@&quot; &quot;-sOutputFile=%o&quot; &quot;-f%i&quot;"/>
+-  <delegate decode="pdf" encode="ps" mode="bi" command="&quot;@PSDelegate@&quot; -sstdout=%%stderr -dQUIET -dSAFER -dBATCH -dNOPAUSE -dNOPROMPT -dMaxBitmap=500000000 -dAlignToPixels=0 -dGridFitTT=2 &quot;-sDEVICE=@GSPSDevice@&quot; -sPDFPassword=&quot;%a&quot; &quot;-sOutputFile=%o&quot; &quot;-f%i&quot;"/>
++  <delegate decode="pdf" encode="eps" mode="bi" command="&quot;@PSDelegate@&quot; -sstdout=%%stderr -dQUIET -dSAFER -dBATCH -dNOPAUSE -dNOPROMPT -dMaxBitmap=500000000 -dAlignToPixels=0 -dGridFitTT=2 &quot;-sDEVICE=@GSEPSDevice@&quot; &quot;-sPDFPassword=%a&quot; &quot;-sOutputFile=%o&quot; &quot;-f%i&quot;"/>
++  <delegate decode="pdf" encode="ps" mode="bi" command="&quot;@PSDelegate@&quot; -sstdout=%%stderr -dQUIET -dSAFER -dBATCH -dNOPAUSE -dNOPROMPT -dMaxBitmap=500000000 -dAlignToPixels=0 -dGridFitTT=2 &quot;-sDEVICE=@GSPSDevice@&quot; &quot;-sPDFPassword=%a&quot; &quot;-sOutputFile=%o&quot; &quot;-f%i&quot;"/>
+   <delegate decode="pnm" encode="trace" command="&quot;@TraceEncodeDelegate@&quot; --svg --output &quot;%o&quot; &quot;%i&quot;"/>
+   <delegate decode="png" encode="webp" command="&quot;@WebPEncodeDelegate@&quot; -quiet %Q &quot;%i&quot; -o &quot;%o&quot;"/>
+   <delegate decode="pnm" encode="ilbm" mode="encode" command="&quot;@ILBMEncodeDelegate@&quot; -24if &quot;%i&quot; &gt; &quot;%o&quot;"/>
diff --git a/SPECS/ImageMagick.spec b/SPECS/ImageMagick.spec
index 13d9ec3..b3f8028 100644
--- a/SPECS/ImageMagick.spec
+++ b/SPECS/ImageMagick.spec
@@ -3,7 +3,7 @@
 
 Name:		ImageMagick
 Version:		%{VER}.%{Patchlevel}
-Release:		4%{?dist}
+Release:		5%{?dist}
 Summary:		An X application for displaying and manipulating images
 Group:		Applications/Multimedia
 License:		ImageMagick
@@ -12,6 +12,7 @@ Source0:		ftp://ftp.ImageMagick.org/pub/%{name}/%{name}-%{VER}-%{Patchlevel}.tar
 
 Patch4:     ImageMagick-cve-2016-5118.patch
 Patch5:     ImageMagick-freeze-svg-empty-class.patch
+Patch6:     ImageMagick-cve-2020-29599.patch
 
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:	bzip2-devel, freetype-devel, libjpeg-devel, libpng-devel
@@ -130,6 +131,7 @@ mkdir Magick++/examples
 cp -p Magick++/demo/*.cpp Magick++/demo/*.miff Magick++/examples
 %patch4 -p1 -b .cve-2016-5118
 %patch5 -p1 -b .cve-2016-5240
+%patch6 -p1 -b .cve-2020-29599
 
 %build
 %configure --enable-shared \
@@ -299,6 +301,9 @@ rm -rf %{buildroot}
 %doc PerlMagick/demo/ PerlMagick/Changelog PerlMagick/README.txt
 
 %changelog
+* Fri Dec 18 2020 Jan Horak <jhorak@redhat.com> - 6.9.10.68-5
+- Adding CTV-2020-29599 fix
+
 * Fri Jul 10 2020 Jan Horak <jhorak@redhat.com> - 6.9.10.68-4
 - Build with openjpeg2 to support JPEG2000 again