diff --git a/cve-2008-2371.patch b/cve-2008-2371.patch
new file mode 100644
index 0000000..6aea7a6
--- /dev/null
+++ b/cve-2008-2371.patch
@@ -0,0 +1,12 @@
+diff -up glib-2.14.6/glib/pcre/pcre_compile.c.cve-2008-2371 glib-2.14.6/glib/pcre/pcre_compile.c
+--- glib-2.14.6/glib/pcre/pcre_compile.c.cve-2008-2371	2008-07-02 10:30:50.000000000 -0400
++++ glib-2.14.6/glib/pcre/pcre_compile.c	2008-07-02 10:32:19.000000000 -0400
+@@ -4701,7 +4701,7 @@ we set the flag only if there is a liter
+                (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
+             {
+             cd->external_options = newoptions;
+-            options = newoptions;
++            options = *optionsptr = newoptions;
+             }
+          else
+             {
diff --git a/glib2.spec b/glib2.spec
index 433fb87..234d5dd 100644
--- a/glib2.spec
+++ b/glib2.spec
@@ -3,7 +3,7 @@
 Summary: A library of handy utility functions
 Name: glib2
 Version: 2.14.6
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: LGPLv2+
 Group: System Environment/Libraries
 URL: http://www.gtk.org
@@ -14,6 +14,8 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: pkgconfig >= 1:0.14
 BuildRequires: gettext
 
+Patch0: cve-2008-2371.patch
+
 %description 
 GLib is the low-level core library that forms the basis
 for projects such as GTK+ and GNOME. It provides data structure
@@ -45,6 +47,7 @@ of version 2 of the GLib library.
 
 %prep
 %setup -q -n glib-%{version}
+%patch0 -p1 -b .cve-2008-2371
 
 %build
 for i in config.guess config.sub ; do
@@ -117,6 +120,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/lib*.a
 
 %changelog
+* Wed Jul  2 2008 Matthias Clasen <mclasen@redhat.com> - 2.14.6-2
+- Fix a heap-based buffer overflow in PCRE (CVE-2008-2371)
+
 * Thu Feb  7 2008 Matthias Clasen <mclasen@redhat.com> - 2.14.6-1
 - Update to 2.14.6 (fixes a buffer overflow in PCRE)