diff --git a/nagios-plugins.spec b/nagios-plugins.spec
index bf06e99..01bd7e4 100644
--- a/nagios-plugins.spec
+++ b/nagios-plugins.spec
@@ -1,6 +1,6 @@
 Name: nagios-plugins
 Version: 1.4.8
-Release: 7%{?dist}
+Release: 8%{?dist}
 Summary: Host/service/network monitoring program plugins for Nagios
 
 Group: Applications/System
@@ -13,6 +13,7 @@ Patch1: nagios-plugins-1.4.6-radius-ng.patch
 Patch2: nagios-plugins-1.4.3-ntpd.patch
 Patch3: nagios-plugins-1.4.4-check_ide_smart.patch
 Patch4: check_smtp.recvline.diff.2
+Patch5: nagiosplugins-checksnmp-crash.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires: openldap-devel
@@ -507,6 +508,7 @@ Provides check_wave support for Nagios.
 %patch2 -p0
 %patch3 -p1
 %patch4 -p0
+%patch5 -p0
 
 %build
 %configure \
@@ -787,6 +789,9 @@ rm -rf %{buildroot}
 %{_libdir}/nagios/plugins/utils.sh
 
 %changelog
+* Fri Oct 26 2007 Mike McGrath <mmcgrath@redhat.com> 1.4.8-8
+- Fix for Bug 348731 and CVE-2007-5623
+
 * Wed Aug 22 2007 Mike McGrath <mmcgrath@redhat.com> 1.4.8-7
 - Rebuild for BuildID
 - License change
diff --git a/nagiosplugins-checksnmp-crash.patch b/nagiosplugins-checksnmp-crash.patch
new file mode 100644
index 0000000..6fc9540
--- /dev/null
+++ b/nagiosplugins-checksnmp-crash.patch
@@ -0,0 +1,37 @@
+--- plugins/check_snmp.c.old	2007-05-29 07:22:32.000000000 +0200
++++ plugins/check_snmp.c	2007-10-17 22:08:49.000000000 +0200
+@@ -219,12 +219,16 @@ main (int argc, char **argv)
+ 
+ 	ptr = output;
+ 
+-	strcat(perfstr, "| ");
++	strncat(perfstr, "| ", sizeof(perfstr)-strlen(perfstr)-1);
+ 	while (ptr) {
+ 		char *foo;
++		unsigned int copylen;
+ 
+ 		foo = strstr (ptr, delimiter);
+-		strncat(perfstr, ptr, foo-ptr);
++		copylen = foo-ptr;
++		if (copylen > sizeof(perfstr)-strlen(perfstr)-1)
++			copylen = sizeof(perfstr)-strlen(perfstr)-1;
++		strncat(perfstr, ptr, copylen);
+ 		ptr = foo; 
+ 
+ 		if (ptr == NULL)
+@@ -357,11 +361,11 @@ main (int argc, char **argv)
+ 
+ 		i++;
+ 
+-		strcat(perfstr, "=");
+-		strcat(perfstr, show);
++		strncat(perfstr, "=", sizeof(perfstr)-strlen(perfstr)-1);
++		strncat(perfstr, show, sizeof(perfstr)-strlen(perfstr)-1);
+ 		if (type)
+-			strcat(perfstr, type);
+-		strcat(perfstr, " ");
++			strncat(perfstr, type, sizeof(perfstr)-strlen(perfstr)-1);
++		strncat(perfstr, " ", sizeof(perfstr)-strlen(perfstr)-1);
+ 
+ 	}	/* end while (ptr) */
+