diff --git a/7.1.087 b/7.1.087
new file mode 100644
index 0000000..3ba731e
--- /dev/null
+++ b/7.1.087
@@ -0,0 +1,151 @@
+To: vim-dev@vim.org
+Subject: patch 7.1.087
+Fcc: outbox
+From: Bram Moolenaar
+Mime-Version: 1.0
+Content-Type: text/plain; charset=ISO-8859-1
+Content-Transfer-Encoding: 8bit
+------------
+
+Patch 7.1.087
+Problem: Reading past ":cscope find" command. Writing past end of a buffer.
+Solution: Check length of the argument before using the pattern. Use
+ vim_strncpy(). (Dominique Pelle)
+Files: if_cscope.c
+
+
+*** ../vim-7.1.086/src/if_cscope.c Sun Mar 11 15:48:29 2007
+--- src/if_cscope.c Sun Aug 19 22:17:09 2007
+***************
+*** 73,78 ****
+--- 73,80 ----
+
+
+ static csinfo_T csinfo[CSCOPE_MAX_CONNECTIONS];
++ static int eap_arg_len; /* length of eap->arg, set in
++ cs_lookup_cmd() */
+ static cscmd_T cs_cmds[] =
+ {
+ { "add", cs_add,
+***************
+*** 260,273 ****
+
+ if ((p = cs_manage_matches(NULL, NULL, -1, Get)) == NULL)
+ return TRUE;
+!
+! if ((int)strlen(p) > size)
+! {
+! strncpy((char *)buf, p, size - 1);
+! buf[size] = '\0';
+! }
+! else
+! (void)strcpy((char *)buf, p);
+
+ return FALSE;
+ } /* cs_fgets */
+--- 262,268 ----
+
+ if ((p = cs_manage_matches(NULL, NULL, -1, Get)) == NULL)
+ return TRUE;
+! vim_strncpy(buf, (char_u *)p, size - 1);
+
+ return FALSE;
+ } /* cs_fgets */
+***************
+*** 386,392 ****
+ * PRIVATE: cs_add
+ *
+ * add cscope database or a directory name (to look for cscope.out)
+! * the the cscope connection list
+ *
+ * MAXPATHL 256
+ */
+--- 381,387 ----
+ * PRIVATE: cs_add
+ *
+ * add cscope database or a directory name (to look for cscope.out)
+! * to the cscope connection list
+ *
+ * MAXPATHL 256
+ */
+***************
+*** 966,972 ****
+ }
+
+ pat = opt + strlen(opt) + 1;
+! if (pat == NULL || (pat != NULL && pat[0] == '\0'))
+ {
+ cs_usage_msg(Find);
+ return FALSE;
+--- 961,967 ----
+ }
+
+ pat = opt + strlen(opt) + 1;
+! if (pat >= (char *)eap->arg + eap_arg_len)
+ {
+ cs_usage_msg(Find);
+ return FALSE;
+***************
+*** 1317,1323 ****
+ #else
+ /* compare pathnames first */
+ && ((fullpathcmp(csinfo[j].fname, fname, FALSE) & FPC_SAME)
+! /* if not Windows 9x, test index file atributes too */
+ || (!mch_windows95()
+ && csinfo[j].nVolume == bhfi.dwVolumeSerialNumber
+ && csinfo[j].nIndexHigh == bhfi.nFileIndexHigh
+--- 1312,1318 ----
+ #else
+ /* compare pathnames first */
+ && ((fullpathcmp(csinfo[j].fname, fname, FALSE) & FPC_SAME)
+! /* if not Windows 9x, test index file attributes too */
+ || (!mch_windows95()
+ && csinfo[j].nVolume == bhfi.dwVolumeSerialNumber
+ && csinfo[j].nIndexHigh == bhfi.nFileIndexHigh
+***************
+*** 1401,1406 ****
+--- 1396,1404 ----
+ if (eap->arg == NULL)
+ return NULL;
+
++ /* Store length of eap->arg before it gets modified by strtok(). */
++ eap_arg_len = STRLEN(eap->arg);
++
+ if ((stok = strtok((char *)(eap->arg), (const char *)" ")) == NULL)
+ return NULL;
+
+***************
+*** 2195,2201 ****
+ cs_add_common(dblist[i], pplist[i], fllist[i]);
+ if (p_csverbose)
+ {
+! /* dont' use smsg_attr because want to display
+ * connection number in the same line as
+ * "Added cscope database..."
+ */
+--- 2193,2199 ----
+ cs_add_common(dblist[i], pplist[i], fllist[i]);
+ if (p_csverbose)
+ {
+! /* don't use smsg_attr() because we want to display the
+ * connection number in the same line as
+ * "Added cscope database..."
+ */
+*** ../vim-7.1.086/src/version.c Tue Aug 21 17:29:04 2007
+--- src/version.c Tue Aug 21 17:59:42 2007
+***************
+*** 668,669 ****
+--- 668,671 ----
+ { /* Add new patch number below this line */
++ /**/
++ 87,
+ /**/
+
+--
+hundred-and-one symptoms of being an internet addict:
+223. You set up a web-cam as your home's security system.
+
+ /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\
+/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
+\\\ download, build and distribute -- http://www.A-A-P.org ///
+ \\\ help me help AIDS victims -- http://ICCF-Holland.org ///
diff --git a/README.patches b/README.patches
index 2219a41..d3eafb1 100644
--- a/README.patches
+++ b/README.patches
@@ -101,4 +101,13 @@ Individual patches for Vim 7.1: 5259 7.1.074 crash when using string() on a recursively nested List 1686 7.1.075 ":let v:statusmsg" reads memory already freed 2376 7.1.076 a couple more strcpy() with overlapping arguments - 1551 7.1.077 flag indicating spell checking is to be done isn't always set + 2678 7.1.078 dropping file name on gvim containing CSI byte doesn't work + 2922 7.1.079 "@" character in 'isfname' doesn't pick up umlauts for latin1 + 2960 7.1.080 (extra) Compiler warnings for gvimex.cpp + 3253 7.1.081 completion doesn't work after ":!cat 7.1.87-1 +- patchlevel 87 + * Wed Aug 15 2007 Karsten Hopp 7.1.77-1 - patchlevel 77
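Review bot: The new bound in the `:cscope find` check (`pat >= (char *)eap->arg + eap_arg_len`, section 961,967) depends on the file-scope `static int eap_arg_len`, which is written in a different function (section 1396,1404; cs_lookup_cmd() according to the declaration comment). The check is therefore only valid if that function ran on this same `eap->arg` just before, and nothing at the point of use states that. I would record the invariant next to the check, e.g. `/* eap_arg_len is STRLEN(eap->arg) as saved by cs_lookup_cmd() before strtok() split the argument; pat at or past that end means no pattern was given */`. I would also give the variable an unsigned size type, since the result of `STRLEN()` is stored in an `int` here. In cs_fgets, `vim_strncpy(buf, (char_u *)p, size - 1)` presumes `size >= 1`; the callers are outside the quoted context, so that is worth confirming. All the touched functions start and end outside the sections shown.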