diff --git a/ntp-4.2.6p5-cve-2015-5194.patch b/ntp-4.2.6p5-cve-2015-5194.patch
new file mode 100644
index 0000000..a774749
--- /dev/null
+++ b/ntp-4.2.6p5-cve-2015-5194.patch
@@ -0,0 +1,42 @@
+commit 553f2fa65865c31c5e3c48812cfd46176cffdd27
+Author:  <davehart@shiny.ad.hartbrothers.com>
+Date:   Wed Jul 28 05:33:53 2010 +0000
+
+    [Bug 1593] ntpd abort in free() with logconfig syntax error.
+
+diff --git a/ntpd/ntp_parser.y b/ntpd/ntp_parser.y
+index b3f7ac3..cf8942f 100644
+--- a/ntpd/ntp_parser.y
++++ b/ntpd/ntp_parser.y
+@@ -995,14 +995,24 @@ log_config_list
+ log_config_command
+ 	:	T_String
+ 		{
+-			char prefix = $1[0];
+-			char *type = $1 + 1;
++			char	prefix;
++			char *	type;
+ 			
+-			if (prefix != '+' && prefix != '-' && prefix != '=') {
+-				yyerror("Logconfig prefix is not '+', '-' or '='\n");
+-			}
+-			else
+-				$$ = create_attr_sval(prefix, estrdup(type));
++			switch ($1[0]) {
++			
++			case '+':
++			case '-':
++			case '=':
++				prefix = $1[0];
++				type = $1 + 1;
++				break;
++				
++			default:
++				prefix = '=';
++				type = $1;
++			}	
++			
++			$$ = create_attr_sval(prefix, estrdup(type));
+ 			YYFREE($1);
+ 		}
+ 	;
diff --git a/ntp.spec b/ntp.spec
index 3d4c737..e2704b5 100644
--- a/ntp.spec
+++ b/ntp.spec
@@ -137,6 +137,8 @@ Patch43: ntp-4.2.6p5-leapreset.patch
 Patch44: ntp-4.2.6p5-rawstats.patch
 # ntpbz #2853
 Patch45: ntp-4.2.6p5-cve-2015-5146.patch
+# ntpbz #1593
+Patch46: ntp-4.2.6p5-cve-2015-5194.patch
 
 # handle unknown clock types
 Patch50: ntpstat-0.2-clksrc.patch
@@ -275,6 +277,7 @@ This package contains NTP documentation in HTML format.
 %patch43 -p1 -b .leapreset
 %patch44 -p1 -b .rawstats
 %patch45 -p1 -b .cve-2015-5146
+%patch46 -p1 -b .cve-2015-5194
 
 # ntpstat patches
 %patch50 -p1 -b .clksrc