diff --git a/0028-curl-7.76.1-CVE-2023-27536.patch b/0028-curl-7.76.1-CVE-2023-27536.patch
new file mode 100644
index 0000000..9479178
--- /dev/null
+++ b/0028-curl-7.76.1-CVE-2023-27536.patch
@@ -0,0 +1,54 @@
+From 9d6dd7bc1dea42ae8e710aeae714e2a2c290de61 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Fri, 10 Mar 2023 09:22:43 +0100
+Subject: [PATCH] url: only reuse connections with same GSS delegation
+
+Reported-by: Harry Sintonen
+Closes #10731
+
+Upstream-commit: cb49e67303dbafbab1cebf4086e3ec15b7d56ee5
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ lib/url.c     | 6 ++++++
+ lib/urldata.h | 1 +
+ 2 files changed, 7 insertions(+)
+
+diff --git a/lib/url.c b/lib/url.c
+index 3b11b7e..cbbc7f3 100644
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -1325,6 +1325,11 @@ ConnectionExists(struct Curl_easy *data,
+         }
+       }
+ 
++      /* GSS delegation differences do not actually affect every connection
++         and auth method, but this check takes precaution before efficiency */
++      if(needle->gssapi_delegation != check->gssapi_delegation)
++        continue;
++
+ #ifdef USE_SSH
+       else if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
+         if(!ssh_config_matches(needle, check))
+@@ -1787,6 +1792,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
+   conn->fclosesocket = data->set.fclosesocket;
+   conn->closesocket_client = data->set.closesocket_client;
+   conn->lastused = Curl_now(); /* used now */
++  conn->gssapi_delegation = data->set.gssapi_delegation;
+ 
+   return conn;
+   error:
+diff --git a/lib/urldata.h b/lib/urldata.h
+index ce90304..9e16f26 100644
+--- a/lib/urldata.h
++++ b/lib/urldata.h
+@@ -995,6 +995,7 @@ struct connectdata {
+   char *sasl_authzid;     /* authorisation identity string, allocated */
+   char *oauth_bearer; /* OAUTH2 bearer, allocated */
+   unsigned char httpversion; /* the HTTP version*10 reported by the server */
++  unsigned char gssapi_delegation; /* inherited from set.gssapi_delegation */
+   struct curltime now;     /* "current" time */
+   struct curltime created; /* creation time */
+   struct curltime lastused; /* when returned to the connection cache */
+-- 
+2.39.2
+
diff --git a/curl.spec b/curl.spec
index 28e12fc..68eac96 100644
--- a/curl.spec
+++ b/curl.spec
@@ -83,6 +83,9 @@ Patch26:  0026-curl-7.76.1-CVE-2023-27534.patch
 # fix FTP too eager connection reuse (CVE-2023-27535)
 Patch27:  0027-curl-7.76.1-CVE-2023-27535.patch
 
+# fix GSS delegation too eager connection re-use (CVE-2023-27536)
+Patch28:  0028-curl-7.76.1-CVE-2023-27536.patch
+
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch
 
@@ -284,6 +287,7 @@ be installed.
 %patch25 -p1
 %patch26 -p1
 %patch27 -p1
+%patch28 -p1
 
 # Fedora patches
 %patch101 -p1
@@ -510,6 +514,7 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 
 %changelog
 * Fri Mar 24 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-24
+- fix GSS delegation too eager connection re-use (CVE-2023-27536)
 - fix FTP too eager connection reuse (CVE-2023-27535)
 - fix SFTP path ~ resolving discrepancy (CVE-2023-27534)
 - fix TELNET option IAC injection (CVE-2023-27533)