diff --git a/SOURCES/expect-5.45-exp-log-buf-overflow.patch b/SOURCES/expect-5.45-exp-log-buf-overflow.patch
new file mode 100644
index 0000000..162db80
--- /dev/null
+++ b/SOURCES/expect-5.45-exp-log-buf-overflow.patch
@@ -0,0 +1,39 @@
+diff -up expect5.45/exp_log.c.orig expect5.45/exp_log.c
+--- expect5.45/exp_log.c.orig	2013-12-12 12:43:38.527854189 +0100
++++ expect5.45/exp_log.c	2013-12-12 12:49:26.866576387 +0100
+@@ -176,7 +176,7 @@ expStdoutLog TCL_VARARGS_DEF(int,arg1)
+ 
+     if ((!tsdPtr->logUser) && (!force_stdout) && (!tsdPtr->logAll)) return;
+ 
+-    (void) vsprintf(bigbuf,fmt,args);
++    (void) vsnprintf(bigbuf,sizeof(bigbuf),fmt,args);
+     expDiagWriteBytes(bigbuf,-1);
+     if (tsdPtr->logAll || (LOGUSER && tsdPtr->logChannel)) Tcl_WriteChars(tsdPtr->logChannel,bigbuf,-1);
+     if (LOGUSER) fprintf(stdout,"%s",bigbuf);
+@@ -222,7 +222,7 @@ expErrorLog TCL_VARARGS_DEF(char *,arg1)
+     va_list args;
+ 
+     fmt = TCL_VARARGS_START(char *,arg1,args);
+-    (void) vsprintf(bigbuf,fmt,args);
++    (void) vsnprintf(bigbuf,sizeof(bigbuf),fmt,args);
+ 
+     expDiagWriteChars(bigbuf,-1);
+     fprintf(stderr,"%s",bigbuf);
+@@ -264,7 +264,7 @@ expDiagLog TCL_VARARGS_DEF(char *,arg1)
+ 
+     fmt = TCL_VARARGS_START(char *,arg1,args);
+ 
+-    (void) vsprintf(bigbuf,fmt,args);
++    (void) vsnprintf(bigbuf,sizeof(bigbuf),fmt,args);
+ 
+     expDiagWriteBytes(bigbuf,-1);
+     if (tsdPtr->diagToStderr) {
+@@ -307,7 +307,7 @@ expPrintf TCL_VARARGS_DEF(char *,arg1)
+   int len, rc;
+ 
+   fmt = TCL_VARARGS_START(char *,arg1,args);
+-  len = vsprintf(bigbuf,arg1,args);
++  len = vsnprintf(bigbuf,sizeof(bigbuf),arg1,args);
+  retry:
+   rc = write(2,bigbuf,len);
+   if ((rc == -1) && (errno == EAGAIN)) goto retry;
diff --git a/SPECS/expect.spec b/SPECS/expect.spec
index 20e32f4..a483985 100644
--- a/SPECS/expect.spec
+++ b/SPECS/expect.spec
@@ -5,7 +5,7 @@
 Summary: A program-script interaction and testing utility
 Name: expect
 Version: %{majorver}
-Release: 9%{?dist}
+Release: 12%{?dist}
 License: Public Domain
 Group: Development/Languages
 # URL: probably more useful is http://sourceforge.net/projects/expect/
@@ -23,6 +23,8 @@ Patch2: expect-5.45-man-page.patch
 Patch3: expect-5.45-match-gt-numchars-segfault.patch
 # Patch4: fixes memory leak when using -re, http://sourceforge.net/p/expect/patches/13/
 Patch4: expect-5.45-re-memleak.patch
+# Patch5: use vsnprintf instead of vsprintf to avoid buffer overflow
+Patch5: expect-5.45-exp-log-buf-overflow.patch
 # examples patches
 # Patch100: changes random function
 Patch100: expect-5.32.2-random.patch
@@ -79,6 +81,7 @@ of expectk.
 %patch2 -p1 -b .man-page
 %patch3 -p1 -b .match-gt-numchars-segfault
 %patch4 -p1 -b .re-memleak
+%patch5 -p1 -b .exp-log-buf-overflow
 # examples fixes
 %patch100 -p1 -b .random
 %patch101 -p1 -b .mkpasswd-dash
@@ -167,6 +170,17 @@ rm -rf "$RPM_BUILD_ROOT"
 %{_mandir}/man1/tknewsbiff.1*
 
 %changelog
+* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 5.45-12
+- Mass rebuild 2014-01-24
+
+* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 5.45-11
+- Mass rebuild 2013-12-27
+
+* Thu Dec 12 2013 Vitezslav Crhonek <vcrhonek@redhat.com> - 5.49-10
+- Use vsnprintf instead of vsprintf to avoid buffer overflow
+  (it happens e.g. when running systemtap testsuite)
+  Resolves: #1038931
+
 * Thu Oct 03 2013 Vitezslav Crhonek <vcrhonek@redhat.com> - 5.45-9
 - Fix memory leak when using -re option
   Resolves: #1014624