diff --git a/SOURCES/icu.rhbz1074549.CVE-2013-5907.patch b/SOURCES/icu.rhbz1074549.CVE-2013-5907.patch
new file mode 100644
index 0000000..beb22b3
--- /dev/null
+++ b/SOURCES/icu.rhbz1074549.CVE-2013-5907.patch
@@ -0,0 +1,37 @@
+
+# erAck: resolves https://bugzilla.redhat.com/show_bug.cgi?id=1074549
+# Based on http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d29c19f1de1
+# where a/src/share/native/sun/font/layout/LookupProcessor.cpp is
+# icu/source/layout/LookupProcessor.cpp
+# Adapted to LayoutEngine "patch" and subsequent patches.
+# Note that
+#@@ -246,7 +249,7 @@
+#-      featureReferences += SWAPW(featureTable->lookupCount);
+#+      featureReferences += SWAPW(requiredFeatureTable->lookupCount);
+# was already applied with icu.8800.freeserif.crash.patch that also added
+#+      if (requiredFeatureTable.isValid()) {
+# and is a slightly enhanced version of
+# https://ssl.icu-project.org/trac/ticket/8800 and/or
+# https://ssl.icu-project.org/trac/ticket/8320
+
+--- prev.icu/source/layout/LookupProcessor.cpp	2014-03-11 20:46:53.288819882 +0100
++++ icu/source/layout/LookupProcessor.cpp	2014-03-11 20:54:43.153370234 +0100
+@@ -113,7 +113,7 @@
+ le_int32 LookupProcessor::selectLookups(const LEReferenceTo<FeatureTable> &featureTable, FeatureMask featureMask, le_int32 order, LEErrorCode &success)
+ {
+   le_uint16 lookupCount = featureTable.isValid()? SWAPW(featureTable->lookupCount) : 0;
+-    le_int32  store = order;
++    le_uint32  store = (le_uint32)order;
+     
+     LEReferenceToArrayOf<le_uint16> lookupListIndexArray(featureTable, success, featureTable->lookupListIndexArray, lookupCount);
+ 
+@@ -122,6 +122,9 @@
+       if (lookupListIndex >= lookupSelectCount) {
+         continue;
+       }
++      if (store >= lookupOrderCount) {
++        continue;
++      }
+       
+       lookupSelectArray[lookupListIndex] |= featureMask;
+       lookupOrderArray[store++] = lookupListIndex;
diff --git a/SPECS/icu.spec b/SPECS/icu.spec
index c664b4c..5c73473 100644
--- a/SPECS/icu.spec
+++ b/SPECS/icu.spec
@@ -1,6 +1,6 @@
 Name:      icu
 Version:   50.1.2
-Release:   8%{?dist}
+Release:   11%{?dist}
 Summary:   International Components for Unicode
 Group:     Development/Tools
 License:   MIT and UCD and Public Domain
@@ -21,6 +21,7 @@ Patch5: gennorm2-man.patch
 Patch6: icuinfo-man.patch
 Patch7: icu.10143.memory.leak.crash.patch
 Patch8: icu.10318.CVE-2013-2924_changeset_34076.patch
+Patch9: icu.rhbz1074549.CVE-2013-5907.patch
 
 %description
 Tools and utilities for developing with icu.
@@ -72,6 +73,7 @@ BuildArch: noarch
 %patch6 -p1 -b .icuinfo-man.patch
 %patch7 -p1 -b .icu10143.memory.leak.crash.patch
 %patch8 -p1 -b .icu10318.CVE-2013-2924_changeset_34076.patch
+%patch9 -p1 -b .icurhbz1074549.CVE-2013-5907.patch
 
 %build
 cd source
@@ -179,6 +181,15 @@ make %{?_smp_mflags} -C source check
 %doc source/__docs/%{name}/html/*
 
 %changelog
+* Tue Mar 11 2014 Eike Rathke <erack@redhat.com> - 50.1.2-11
+- Resolves: rhbz#1074549 Layout Engine LookupProcessor insufficient input checks
+
+* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 50.1.2-10
+- Mass rebuild 2014-01-24
+
+* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 50.1.2-9
+- Mass rebuild 2013-12-27
+
 * Wed Oct 16 2013 Eike Rathke <erack@redhat.com> - 50.1.2-8
 - Resolves: rhbz#1015593 CVE-2013-2924 use-after-free