diff --git a/SOURCES/pango-fixes-bidi-crash.patch b/SOURCES/pango-fixes-bidi-crash.patch
new file mode 100644
index 0000000..890cf92
--- /dev/null
+++ b/SOURCES/pango-fixes-bidi-crash.patch
@@ -0,0 +1,29 @@
+commit 490f8979a260c16b1df055eab386345da18a2d54
+Author: Matthias Clasen <mclasen@redhat.com>
+Date:   Wed Jul 10 20:26:23 2019 -0400
+
+    bidi: Be safer against bad input
+    
+    Don't run off the end of an array that we
+    allocated to certain length.
+    
+    Closes: https://gitlab.gnome.org/GNOME/pango/issues/342
+
+diff --git a/pango/pango-bidi-type.c b/pango/pango-bidi-type.c
+index 3e46b66c..5c02dbbb 100644
+--- a/pango/pango-bidi-type.c
++++ b/pango/pango-bidi-type.c
+@@ -181,8 +181,11 @@ pango_log2vis_get_embedding_levels (const gchar    *text,
+   for (i = 0, p = text; p < text + length; p = g_utf8_next_char(p), i++)
+     {
+       gunichar ch = g_utf8_get_char (p);
+-      FriBidiCharType char_type;
+-      char_type = fribidi_get_bidi_type (ch);
++      FriBidiCharType char_type = fribidi_get_bidi_type (ch);
++
++      if (i == n_chars)
++        break;
++
+       bidi_types[i] = char_type;
+       ored_types |= char_type;
+       if (FRIBIDI_IS_STRONG (char_type))
diff --git a/SPECS/pango.spec b/SPECS/pango.spec
index 9001f01..cb17ff1 100644
--- a/SPECS/pango.spec
+++ b/SPECS/pango.spec
@@ -9,13 +9,14 @@
 
 Name: pango
 Version: 1.42.4
-Release: 3%{?dist}
+Release: 4%{?dist}
 Summary: System for layout and rendering of internationalized text
 
 License: LGPLv2+
 URL: http://www.pango.org
 Source0: http://download.gnome.org/sources/%{name}/1.42/%{name}-%{version}.tar.xz
 Patch0: pango-fixes-get-variations-crash.patch
+Patch1: pango-fixes-bidi-crash.patch
 
 BuildRequires: pkgconfig(cairo) >= %{cairo_version}
 BuildRequires: pkgconfig(freetype2) >= %{freetype_version}
@@ -77,6 +78,7 @@ the functionality of the installed %{name} package.
 %prep
 %setup -q -n pango-%{version}
 %patch0 -p1 -b .crash
+%patch1 -p1 -b .bidi
 
 
 %build
@@ -133,6 +135,11 @@ fi
 
 
 %changelog
+* Thu Aug 22 2019 Peng Wu <pwu@redhat.com> - 1.42.4-4
+- Fixes bidi crash
+- Security fix for CVE-2019-1010238
+- Resolves: #1738459
+
 * Sun Feb 10 2019 Peng Wu <pwu@redhat.com> - 1.42.4-3
 - Fixes crash in pango_fc_font_key_get_variations when key is null
 - Resolves: #1667239