--- ghostscript.spec	2010-07-16 01:35:28.000000000 -0400
+++ ghostscript.spec	2010-07-16 01:55:49.000000000 -0400
@@ -5,7 +5,7 @@
 Name: ghostscript
 Version: %{gs_ver}
 
-Release: 6%{?dist}
+Release: 6.scripts%{scriptsversion}%{?dist}
 
 # Included CMap data is Redistributable, no modification permitted,
 # see http://bugzilla.redhat.com/487510
@@ -35,6 +35,8 @@
 Patch17: ghostscript-tiff-default-strip-size.patch
 Patch18: ghostscript-tiff-fixes.patch
 
+Patch100: ghostscript-CVE-2010-1628.patch
+
 Requires: urw-fonts >= 1.1, ghostscript-fonts
 BuildRequires: xz
 BuildRequires: libjpeg-devel, libXt-devel
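Review bot: The `Patch100:` line records nothing about where the patch came from, so the only provenance for this security fix is the changelog entry at the end of the spec. A comment directly above it, such as `# CVE-2010-1628, upstream bug http://bugs.ghostscript.com/show_bug.cgi?id=691295 (attachment 6350)`, would let a later rebase check whether upstream already carries the fix and drop the local patch. The `%patch100` comment in the %prep hunk has the same gap: it says "exploitable overflow" without the identifier that the neighbouring `%patch18` comment gives, and `# Fix CVE-2010-1628 overflow (upstream bug 691295; scripts.mit.edu local patch).` would match that style. Because the attachment link in the changelog is plain HTTP, the downloaded file is worth comparing against the fix as it appears in the upstream bug before it is committed to the package sources.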
@@ -151,6 +153,9 @@
 # Backported some more TIFF fixes (bug #573970).
 %patch18 -p1 -b .tiff-fixes
 
+# Avoid an exploitable overflow (scripts.mit.edu local patch).
+%patch100 -p1 -b .CVE-2010-1628
+
 # Convert manual pages to UTF-8
 from8859_1() {
 	iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_"
@@ -332,6 +337,13 @@
 %{_libdir}/libgs.so
 
 %changelog
+* Fri Jul 16 2010 Geoffrey Thomas <geofft@mit.edu> 8.71-6.scripts
+- Include the patch
+  http://bugs.ghostscript.com/attachment.cgi?id=6350
+  to fix CVE-2010-1628 (potential arbitrary code execution via
+  an overflow), from the upstream bug report:
+  http://bugs.ghostscript.com/show_bug.cgi?id=691295
+
 * Tue Mar 16 2010 Tim Waugh <twaugh@redhat.com> 8.71-6
 - Backported some more TIFF fixes (bug #573970).
 - Use upstream fix for TIFF default strip size (bug #571520).
