diff --git a/SOURCES/pango-fixes-bidi-crash.patch b/SOURCES/pango-fixes-bidi-crash.patch
new file mode 100644
index 0000000..890cf92
--- /dev/null
+++ b/SOURCES/pango-fixes-bidi-crash.patch
@@ -0,0 +1,29 @@
+commit 490f8979a260c16b1df055eab386345da18a2d54
+Author: Matthias Clasen <mclasen@redhat.com>
+Date: Wed Jul 10 20:26:23 2019 -0400
+
+ bidi: Be safer against bad input
+
+ Don't run off the end of an array that we
+ allocated to certain length.
+
+ Closes: https://gitlab.gnome.org/GNOME/pango/issues/342
+
+diff --git a/pango/pango-bidi-type.c b/pango/pango-bidi-type.c
+index 3e46b66c..5c02dbbb 100644
+--- a/pango/pango-bidi-type.c
++++ b/pango/pango-bidi-type.c
+@@ -181,8 +181,11 @@ pango_log2vis_get_embedding_levels (const gchar *text,
+ for (i = 0, p = text; p < text + length; p = g_utf8_next_char(p), i++)
+ {
+ gunichar ch = g_utf8_get_char (p);
+- FriBidiCharType char_type;
+- char_type = fribidi_get_bidi_type (ch);
++ FriBidiCharType char_type = fribidi_get_bidi_type (ch);
++
++ if (i == n_chars)
++ break;
++
+ bidi_types[i] = char_type;
+ ored_types |= char_type;
+ if (FRIBIDI_IS_STRONG (char_type))
diff --git a/SOURCES/pango-fixes-get-variations-crash.patch b/SOURCES/pango-fixes-get-variations-crash.patch
new file mode 100644
index 0000000..ca96086
--- /dev/null
+++ b/SOURCES/pango-fixes-get-variations-crash.patch
@@ -0,0 +1,31 @@
+commit ad92e199f221499c19f22dce7a16e7d770ad3ae7
+Author: Carsten Pfeiffer <carsten.pfeiffer@gebit.de>
+Date: Fri Aug 10 16:06:20 2018 +0200
+
+ Fix crash in pango_fc_font_key_get_variations() when key is null
+
+diff --git a/pango/pangofc-shape.c b/pango/pangofc-shape.c
+index a59ca67c..53269d73 100644
+--- a/pango/pangofc-shape.c
++++ b/pango/pangofc-shape.c
+@@ -380,8 +380,10 @@ _pango_fc_shape (PangoFont *font,
+ fc_font->is_hinted ? ft_face->size->metrics.x_ppem : 0,
+ fc_font->is_hinted ? ft_face->size->metrics.y_ppem : 0);
+
+- variations = pango_fc_font_key_get_variations (key);
+- if (variations)
++ if (key)
++ {
++ variations = pango_fc_font_key_get_variations (key);
++ if (variations)
+ {
+ guint n_variations;
+ hb_variation_t *hb_variations;
+@@ -391,6 +393,7 @@ _pango_fc_shape (PangoFont *font,
+
+ g_free (hb_variations);
+ }
++ }
+
+ hb_buffer = acquire_buffer (&free_buffer);
+
diff --git a/SPECS/pango.spec b/SPECS/pango.spec
index 9742626..a808b54 100644
--- a/SPECS/pango.spec
+++ b/SPECS/pango.spec
@@ -1,4 +1,4 @@
-%global glib2_version 2.33.12
+%global glib2_version 2.56.1
%global freetype_version 2.1.5
%global fontconfig_version 2.11.91
%global cairo_version 1.12.10
@@ -9,12 +9,14 @@
Name: pango
Version: 1.42.4
-Release: 1%{?dist}
+Release: 5%{?dist}
Summary: System for layout and rendering of internationalized text
License: LGPLv2+
URL: http://www.pango.org
Source0: http://download.gnome.org/sources/%{name}/1.42/%{name}-%{version}.tar.xz
+Patch0: pango-fixes-get-variations-crash.patch
+Patch1: pango-fixes-bidi-crash.patch
BuildRequires: pkgconfig(cairo) >= %{cairo_version}
BuildRequires: pkgconfig(freetype2) >= %{freetype_version}
@@ -75,6 +77,8 @@ the functionality of the installed %{name} package.
%prep
%setup -q -n pango-%{version}
+%patch0 -p1 -b .crash
+%patch1 -p1 -b .bidi
%build
@@ -128,6 +132,20 @@ fi
%changelog
+* Tue Aug 20 2019 Peng Wu <pwu@redhat.com> - 1.42.4-5
+- Fixes crash in pango_fc_font_key_get_variations when key is null
+
+* Fri Aug 16 2019 Peng Wu <pwu@redhat.com> - 1.42.4-4
+- Fixes bidi crash
+- Security fix for CVE-2019-1010238
+- Resolves: #1738461
+
+* Mon Dec 17 2018 Ray Strode <rstrode@redhat.com> - 1.42.4-3
+- rebuild
+
+* Fri Dec 14 2018 Ray Strode <rstrode@redhat.com> - 1.42.4-2
+- rebuild
+
* Fri Aug 31 2018 Peng Wu <pwu@redhat.com> - 1.42.4-1
- Update to 1.42.4