diff --git a/SOURCES/doxygen-1.8.5-CVE-2016-10245-cross-site-scripting.patch b/SOURCES/doxygen-1.8.5-CVE-2016-10245-cross-site-scripting.patch
new file mode 100644
index 0000000..5b4cd9c
--- /dev/null
+++ b/SOURCES/doxygen-1.8.5-CVE-2016-10245-cross-site-scripting.patch
@@ -0,0 +1,11 @@
+diff -up doxygen-1.8.5/src/search_opensearch.php.than doxygen-1.8.5/src/search_opensearch.php
+--- doxygen-1.8.5/src/search_opensearch.php.than 2019-07-25 13:23:49.988957523 +0200
++++ doxygen-1.8.5/src/search_opensearch.php 2019-07-25 13:24:16.842105308 +0200
+@@ -3,6 +3,7 @@ require "search-functions.php";
+
+ $mode = array_key_exists('v', $_GET)?$_GET['v']:"";
+ $query = array_key_exists('query', $_GET)?$_GET['query']:"";
++$query = preg_replace("/[^a-zA-Z0-9\-\_\.\x80-\xFF]/i", " ", $query );
+
+ $query_results = run_query($query);
+
diff --git a/SOURCES/doxygen-1.8.5-bz#1483569.patch b/SOURCES/doxygen-1.8.5-bz#1483569.patch
new file mode 100644
index 0000000..7fd14be
--- /dev/null
+++ b/SOURCES/doxygen-1.8.5-bz#1483569.patch
@@ -0,0 +1,98 @@
+diff -up doxygen-1.8.5/src/scanner.l.than doxygen-1.8.5/src/scanner.l
+--- doxygen-1.8.5/src/scanner.l.than 2017-08-21 18:24:54.220442124 +0200
++++ doxygen-1.8.5/src/scanner.l 2017-08-21 18:25:01.241178886 +0200
+@@ -191,6 +191,7 @@ static QCString g_delimiter;
+ static int g_column;
+
+ static int g_fencedSize=0;
++static bool g_nestedComment=0;
+
+ //-----------------------------------------------------------------------------
+
+@@ -6155,23 +6156,27 @@ OPERATOR "operator"{B}*({ARITHOP}|{ASSI
+ docBlockName.at(1)='}';
+ }
+ g_fencedSize=0;
++ g_nestedComment=FALSE;
+ BEGIN(DocCopyBlock);
+ }
+ "<"{PRE}">" {
+ docBlock+=yytext;
+ docBlockName="
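Review bot: In the search_opensearch.php patch the added `preg_replace` assumes `$query` is a string, but `$_GET['query']` is an array when the request uses `query[]=`, and `preg_replace` then returns an array that goes straight into `run_query($query)`. A type guard before the filter closes that gap, for example `if (!is_string($query)) $query = "";`. The allowlist also passes every byte in `\x80-\xFF` without checking that it forms valid UTF-8, and `$mode` from `$_GET['v']` stays unfiltered, so the code that writes results (outside this hunk) should still encode on output rather than rely on this input filter alone. The `/i` modifier is redundant next to `a-zA-Z`.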
";
+                                           g_fencedSize=0;
++                                          g_nestedComment=FALSE;
+   					  BEGIN(DocCopyBlock);
+   					}
+ {CMD}("verbatim"|"latexonly"|"htmlonly"|"xmlonly"|"manonly"|"dot"|"code")/[^a-z_A-Z0-9]	{ // verbatim command (which could contain nested comments!)
+                                           docBlock+=yytext;
+ 				          docBlockName=&yytext[1];
+                                           g_fencedSize=0;
++                                          g_nestedComment=FALSE;
+   					  BEGIN(DocCopyBlock);
+   					}
+ "~~~"[~]*                     {
+                                           docBlock+=yytext;
+                                           g_fencedSize=yyleng;
++                                          g_nestedComment=FALSE;
+                                           BEGIN(DocCopyBlock);
+                                         }
+ {B}*""                  {
+@@ -6179,6 +6184,7 @@ OPERATOR  "operator"{B}*({ARITHOP}|{ASSI
+ 					  {
+ 					    docBlock+=yytext;
+ 					    docBlockName="";
++                                            g_nestedComment=FALSE;
+ 					    BEGIN(DocCopyBlock);
+ 					  }
+ 					  else
+@@ -6240,12 +6246,32 @@ OPERATOR  "operator"{B}*({ARITHOP}|{ASSI
+                                             docBlock+=indent;
+                                           }
+   					}
+-^{B}*+"*"/{BN}*		{ // start of a comment line
++^{B}*"*"+/{BN}+"*"{BN}*	{ // start of a comment line with two *'s
+   					  if (docBlockName=="code")
+                                           {
+                                             QCString indent;
+-                                            indent.fill(' ',computeIndent(yytext,0)-1);
+-                                            docBlock+=indent+"*";
++                                            indent.fill(' ',computeIndent(yytext,0));
++                                            docBlock+=indent;
++                                          }
++                                          else
++					  {
++					    REJECT;
++					  }
++  					}
++^{B}*"*"+/{BN}*		{ // start of a comment line with one *
++  					  if (docBlockName=="code")
++                                          {
++                                            QCString indent;
++                                            if (g_nestedComment) // keep * it is part of the code
++                                            {
++                                              indent.fill(' ',computeIndent(yytext,-1));
++                                              docBlock+=indent+"*";
++                                            }
++                                            else // remove * it is part of the comment block
++                                            {
++                                              indent.fill(' ',computeIndent(yytext,0));
++                                              docBlock+=indent;
++                                            }
+                                           }
+                                           else
+ 					  {
+@@ -6263,6 +6289,14 @@ OPERATOR  "operator"{B}*({ARITHOP}|{ASSI
+   					  docBlock+=yytext;
+   					}
+ "/*"|"*/"|"//"		{
++                                          if (yytext[1]=='*')
++                                          {
++                                            g_nestedComment=TRUE;
++                                          }
++                                          else if (yytext[0]=='*')
++                                          {
++                                            g_nestedComment=FALSE;
++                                          }
+   					  docBlock+=yytext;
+ 					}
+ \n			{ // newline
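Review bot: In the scanner.l patch the `"/*"|"*/"|"//"` action sets `g_nestedComment=TRUE` for every `/*` token, including one that follows `//` on the same line of a code block, and nothing resets the flag until a `*/` or the next block start. From the lines shown, later `*`-prefixed lines would then keep their `*` as if they were code. Unless a rule outside these hunks already covers that case, either document the limitation in a comment or track a line comment until the `\n` rule. Separately, the declaration initialises the flag with `0` while every assignment uses `TRUE`/`FALSE`; `static bool g_nestedComment=FALSE; // TRUE while inside a /* */ comment in a copied code block` would be consistent and document the flag. The DocCopyBlock rules start and end outside the hunks.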
diff --git a/SPECS/doxygen.spec b/SPECS/doxygen.spec
index afc8b42..4b5f4d8 100644
--- a/SPECS/doxygen.spec
+++ b/SPECS/doxygen.spec
@@ -2,7 +2,7 @@ Summary: A documentation system for C/C++
 Name:    doxygen
 Epoch:   1
 Version: 1.8.5
-Release: 3%{?dist}
+Release: 4%{?dist}
 
 # No version is specified.
 License: GPL+
@@ -15,6 +15,8 @@ Source2: doxywizard.desktop
 Patch1: doxygen-1.8.5-config.patch
 Patch2: doxygen-1.8.5-html_timestamp_default_false.patch 
 Patch3: doxygen-1.8.3-multilib.patch
+Patch4: doxygen-1.8.5-bz#1483569.patch
+Patch5: doxygen-1.8.5-CVE-2016-10245-cross-site-scripting.patch
 
 BuildRequires: perl
 BuildRequires: tex(dvips)
@@ -64,6 +66,8 @@ Requires: tex(xtab.sty)
 %patch1 -p1 -b .config
 %patch2 -p1 -b .html_timestamp_default_false
 %patch3 -p1 -b .multilib
+%patch4 -p1 -b .bz#1483569-incorrect-processing-of-code-blocks
+%patch5 -p1 -b .CVE-2016-10245-cross-site-scripting 
 
 # convert into utf-8
 iconv --from=ISO-8859-1 --to=UTF-8 LANGUAGE.HOWTO > LANGUAGE.HOWTO.new
@@ -119,6 +123,10 @@ desktop-file-install \
 
 
 %changelog
+* Mon Jul 29 2019 Than Ngo  - 1:1.8.5-4
+- Resolves: #1483569, incorrect processing of code blocks
+- Resolves: #1724173 - CVE-2016-10245, cross-site scripting
+
 * Fri Jan 24 2014 Daniel Mach  - 1:1.8.5-3
 - Mass rebuild 2014-01-24