diff --git a/xerces-c-3.1.1-CVE-2015-0252.patch b/xerces-c-3.1.1-CVE-2015-0252.patch
new file mode 100644
index 0000000..3a50126
--- /dev/null
+++ b/xerces-c-3.1.1-CVE-2015-0252.patch
@@ -0,0 +1,56 @@
+--- xerces/c/branches/xerces-3.1/src/xercesc/internal/XMLReader.cpp 2015/03/02 18:07:34 1663380
++++ xerces/c/branches/xerces-3.1/src/xercesc/internal/XMLReader.cpp 2015/03/19 20:56:46 1667870
+@@ -1459,6 +1459,17 @@
+
+ while (fRawBufIndex < fRawBytesAvail)
+ {
++ // Security fix: make sure there are at least sizeof(UCS4Ch) bytes to consume.
++ if (fRawBufIndex + sizeof(UCS4Ch) > fRawBytesAvail) {
++ ThrowXMLwithMemMgr1
++ (
++ TranscodingException
++ , XMLExcepts::Reader_CouldNotDecodeFirstLine
++ , fSystemId
++ , fMemoryManager
++ );
++ }
++
+ // Get out the current 4 byte value and inc our raw buf index
+ UCS4Ch curVal = *asUCS++;
+ fRawBufIndex += sizeof(UCS4Ch);
+@@ -1618,6 +1629,17 @@
+
+ while (fRawBufIndex < fRawBytesAvail)
+ {
++ // Security fix: make sure there are at least sizeof(UTF16Ch) bytes to consume.
++ if (fRawBufIndex + sizeof(UTF16Ch) > fRawBytesAvail) {
++ ThrowXMLwithMemMgr1
++ (
++ TranscodingException
++ , XMLExcepts::Reader_CouldNotDecodeFirstLine
++ , fSystemId
++ , fMemoryManager
++ );
++ }
++
+ // Get out the current 2 byte value
+ UTF16Ch curVal = *asUTF16++;
+ fRawBufIndex += sizeof(UTF16Ch);
+@@ -1707,6 +1729,17 @@
+ //
+ void XMLReader::refreshRawBuffer()
+ {
++ // Security fix: make sure we don't underflow on the subtraction.
++ if (fRawBufIndex > fRawBytesAvail) {
++ ThrowXMLwithMemMgr1
++ (
++ RuntimeException
++ , XMLExcepts::Str_StartIndexPastEnd
++ , fSystemId
++ , fMemoryManager
++ );
++ }
++
+ //
+ // If there are any bytes left, move them down to the start. There
+ // should only ever be (max bytes per char - 1) at the most.
diff --git a/xerces-c.spec b/xerces-c.spec
index 0069f80..97d909f 100644
--- a/xerces-c.spec
+++ b/xerces-c.spec
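Review bot: The guard added at the top of refreshRawBuffer() (third hunk of the embedded patch) throws RuntimeException with XMLExcepts::Str_StartIndexPastEnd, while the two decode-loop guards throw TranscodingException, so a caller that handles TranscodingException as "malformed input" would presumably not treat this path the same way. The message id is a string-index error and is handed fSystemId as its argument; whether that message has a placeholder for it is not visible here. If this branch is only reachable when a decode loop has over-consumed the buffer, the comment should say so, e.g. `// Invariant: fRawBufIndex <= fRawBytesAvail; a violation means a decode loop over-consumed the raw buffer.` The body of refreshRawBuffer() continues outside the hunk, so the subtraction being protected cannot be checked from this page.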
@@ -1,11 +1,12 @@ Summary: Validating XML Parser Name: xerces-c Version: 3.1.1 -Release: 7%{?dist} +Release: 8%{?dist} License: ASL 2.0 Group: System Environment/Libraries URL: http://xml.apache.org/xerces-c/ Source0: http://archive.apache.org/dist/xerces/c/3/sources/xerces-c-%{version}.tar.gz +Patch0: xerces-c-3.1.1-CVE-2015-0252.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: dos2unix @@ -47,6 +48,8 @@ manipulating, and validating XML documents. %prep %setup -q +%patch0 -p4 -b .CVE-2015-0252 + # Copy samples before build to avoid including built binaries in -doc package mkdir -p _docs cp -a samples/ _docs/ @@ -96,6 +99,9 @@ rm -rf $RPM_BUILD_ROOT %doc README LICENSE NOTICE CREDITS doc _docs/* %changelog +* Fri Mar 20 2015 Kalev Lember - 3.1.1-8 +- Fix CVE-2015-0252 + * Mon Aug 18 2014 Fedora Release Engineering - 3.1.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
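Review bot: The `Patch0:` line added in the first spec hunk has no provenance comment, so the only record of where the fix came from is the revision pair inside the patch's own header lines. A comment above it such as `# Upstream xerces-3.1 branch change 1663380 -> 1667870, fixes CVE-2015-0252` would let a later rebase to a newer upstream release confirm the patch can be dropped instead of carried forward. The two numbers are taken from the patch's `---`/`+++` lines and read as upstream revisions; confirm that before committing the comment.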