diff --git a/openssh.spec b/openssh.spec
index b370772..64f41d9 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -61,7 +61,7 @@
 Summary: The OpenSSH implementation of SSH protocol versions 1 and 2
 Name: openssh
 Version: 4.3p2
-Release: 11%{?dist}%{?rescue_rel}
+Release: 12%{?dist}%{?rescue_rel}
 URL: http://www.openssh.com/portable.html
 #Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
 #Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.sig
@@ -96,6 +96,7 @@ Patch42: openssh-4.3p2-no-dup-logs.patch
 Patch44: openssh-4.3p2-allow-ip-opts.patch
 Patch45: openssh-4.3p2-cve-2006-4924.patch
 Patch46: openssh-3.9p1-cve-2006-5051.patch
+Patch47: openssh-4.3p2-cve-2006-5794.patch
 License: BSD
 Group: Applications/Internet
 BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
@@ -229,6 +230,7 @@ an X11 passphrase dialog for OpenSSH.
 %patch44 -p1 -b .ip-opts
 %patch45 -p1 -b .deattack-dos
 %patch46 -p1 -b .sig-no-cleanup
+%patch47 -p1 -b .verify
 
 autoreconf
 
@@ -473,6 +475,9 @@ fi
 %endif
 
 %changelog
+* Fri Nov 10 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-12
+- CVE-2006-5794 - properly detect failed key verify in monitor (#214641)
+
 * Thu Nov  2 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-11
 - merge sshd initscript patches
 - kill all ssh sessions when stop is called in halt or reboot runlevel