diff --git a/SOURCES/ghostscript-cve-2019-14869.patch b/SOURCES/ghostscript-cve-2019-14869.patch
new file mode 100644
index 0000000..e23eb19
--- /dev/null
+++ b/SOURCES/ghostscript-cve-2019-14869.patch
@@ -0,0 +1,40 @@
+diff --git a/Resource/Init/gs_ttf.ps b/Resource/Init/gs_ttf.ps
+index 064b6c8..600907e 100644
+--- a/Resource/Init/gs_ttf.ps
++++ b/Resource/Init/gs_ttf.ps
+@@ -1421,7 +1421,7 @@ mark
+           TTFDEBUG { (\n1 setting alias: ) print dup ==only
+                 ( to be the same as  ) print 2 index //== exec } if
+ 
+-          7 index 2 index 3 -1 roll exch .forceput
++          7 index 2 index 3 -1 roll exch put
+         } forall
+         pop pop pop
+       }
+@@ -1439,7 +1439,7 @@ mark
+           exch pop
+           TTFDEBUG { (\n2 setting alias: ) print 1 index ==only
+                      ( to use glyph index: ) print dup //== exec } if
+-          5 index 3 1 roll .forceput
++          5 index 3 1 roll put
+           //false
+         }
+         {
+@@ -1456,7 +1456,7 @@ mark
+         {                            %  CharStrings(dict) isunicode(boolean) cmap(dict) RAGL(dict) gname(name) codep(integer) gindex(integer)
+           TTFDEBUG { (\3 nsetting alias: ) print 1 index ==only
+                 ( to be index: ) print dup //== exec } if
+-          exch pop 5 index 3 1 roll .forceput
++          exch pop 5 index 3 1 roll put
+         }
+         {
+           pop pop
+@@ -1486,7 +1486,7 @@ mark
+       } ifelse
+     ]
+   TTFDEBUG { (Encoding: ) print dup === flush } if
+-} .bind executeonly odef               % hides .forceput
++} .bind odef
+ 
+ % to be removed 9.09......
+ currentdict /postalias undef
diff --git a/SPECS/ghostscript.spec b/SPECS/ghostscript.spec
index 414fb32..6b91718 100644
--- a/SPECS/ghostscript.spec
+++ b/SPECS/ghostscript.spec
@@ -34,7 +34,7 @@
 Name:             ghostscript
 Summary:          Interpreter for PostScript language & PDF
 Version:          9.25
-Release:          2%{?dist}.2
+Release:          5%{?dist}
 
 License:          AGPLv3+
 
@@ -106,6 +106,7 @@ Patch014: ghostscript-pdf2dsc-regression.patch
 Patch015: ghostscript-cve-2019-10216.patch
 Patch016: ghostscript-cve-2019-14811-14812-14813.patch
 Patch017: ghostscript-cve-2019-14817.patch
+Patch018: ghostscript-cve-2019-14869.patch
 
 # Downstream patches -- these should be always included when doing rebase:
 # ------------------
@@ -252,7 +253,7 @@ autoreconf -fv
 # NOTE:   In RHEL we need to keep the /usr/share/ghostscript/conf.d/ folder
 #         for China's GB18030 official certification:
 %configure --enable-dynamic --disable-compile-inits --without-versioned-path \
-           --with-fontpath="%{urw_base35_fontpath}:%{_datadir}/%{name}/conf.d/:%{_sysconfdir}/%{name}/" \
+           --with-fontpath="%{urw_base35_fontpath}:%{_datadir}/%{name}/conf.d/:%{_sysconfdir}/%{name}/:%{_datadir}/fonts" \
            --with-install-cups --with-ijs
 
 # Build IJS
@@ -429,14 +430,18 @@ install -m 0755 -d %{buildroot}%{_sysconfdir}/%{name}/
 # =============================================================================
 
 %changelog
-* Thu Aug 22 2019 Martin Osvald <mosvald@redhat.com> - 9.25-2.2
-- Resolves: #1744008 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdf_hook_DSC_Creator (701445)
-- Resolves: #1744012 - CVE-2019-14812 ghostscript: Safer Mode Bypass by .forceput Exposure in setuserparams (701444)
-- Resolves: #1744003 - CVE-2019-14813 ghostscript: Safer Mode Bypass by .forceput Exposure in setsystemparams (701443)
-- Resolves: #1744228 - CVE-2019-14817 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdfexectoken and other procedures (701450)
-
-* Mon Aug 05 2019 Martin Osvald <mosvald@redhat.com> - 9.25-2.1
-- Resolves: #1737338 - CVE-2019-10216 ghostscript: -dSAFER escape via .buildfont1 (701394)
+* Tue Mar 31 2020 Zdenek Dohnal <zdohnal@redhat.com> - 9.25-5
+- 1812284 - ghostscript fontconfig support broken when gs used with -dSAFER/-dPARANOIDSAFER
+
+* Fri Nov 08 2019 Zdenek Dohnal <zdohnal@redhat.com> - 9.25-4
+- 1769341 - CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys
+
+* Mon Aug 05 2019 Martin Osvald <mosvald@redhat.com> - 9.25-3
+- Resolves: #1737339 - CVE-2019-10216 ghostscript: -dSAFER escape via .buildfont1 (701394)
+- Resolves: #1744009 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdf_hook_DSC_Creator (701445)
+- Resolves: #1744013 - CVE-2019-14812 ghostscript: Safer Mode Bypass by .forceput Exposure in setuserparams (701444)
+- Resolves: #1744004 - CVE-2019-14813 ghostscript: Safer Mode Bypass by .forceput Exposure in setsystemparams (701443)
+- Resolves: #1744229 - CVE-2019-14817 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdfexectoken and other procedures (701450)
 
 * Tue Apr 02 2019 Martin Osvald <mosvald@redhat.com> - 9.25-2
 - obsoleted old ghostscript-devel to allow clean upgrade to libgs-devel