diff --git a/SOURCES/freetype-2.9.1-cve-2025-27363.patch b/SOURCES/freetype-2.9.1-cve-2025-27363.patch
new file mode 100644
index 0000000..ead4898
--- /dev/null
+++ b/SOURCES/freetype-2.9.1-cve-2025-27363.patch
@@ -0,0 +1,18 @@
+diff --git a/src/truetype/ttgload.c b/src/truetype/ttgload.c
+index 39d9c3f..259bb2e 100644
+--- a/src/truetype/ttgload.c
++++ b/src/truetype/ttgload.c
+@@ -1848,6 +1848,13 @@
+
+ limit = (short)gloader->current.num_subglyphs;
+
++ /* make sure this isn't negative as we're going to add 4 later */
++ if ( limit < 0 )
++ {
++ error = FT_THROW( Invalid_Argument );
++ goto Exit;
++ }
++
+ /* construct an outline structure for */
+ /* communication with `TT_Vary_Apply_Glyph_Deltas' */
+ outline.n_points = (short)( gloader->current.num_subglyphs + 4 );
diff --git a/SPECS/freetype.spec b/SPECS/freetype.spec
index ba024a6..7663265 100644
--- a/SPECS/freetype.spec
+++ b/SPECS/freetype.spec
@@ -3,7 +3,7 @@ Summary: A free and portable font rendering engine Name: freetype Version: 2.9.1 -Release: 9%{?dist} +Release: 9%{?dist}.alma.1 License: (FTL or GPLv2+) and BSD and MIT and Public Domain and zlib with acknowledgement Group: System Environment/Libraries URL: http://www.freetype.org
@@ -42,6 +42,11 @@ Patch11: freetype-2.9.1-properly-guard-face-index.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2077985 Patch12: freetype-2.9.1-guard-face-size.patch +# CVE-2025-27363 +# https://gitlab.freedesktop.org/freetype/freetype/-/commit/ef636696524b081f1b8819eb0c6a0b932d35757d +# https://gitlab.freedesktop.org/freetype/freetype/-/commit/73720c7c9958e87b3d134a7574d1720ad2d24442 +Patch13: freetype-2.9.1-cve-2025-27363.patch + BuildRequires: libX11-devel BuildRequires: libpng-devel BuildRequires: zlib-devel
@@ -106,6 +111,7 @@ popd %patch10 -p1 -b .windres %patch11 -p1 -b .properly-guard-face-index %patch12 -p1 -b .guard-face-size +%patch13 -p1 -b .cve-2025-27363 %build
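Review bot: The guard added in the ttgload.c hunk carried by freetype-2.9.1-cve-2025-27363.patch rejects only a negative `limit`, so the `+ 4` its own comment refers to is still unchecked at the upper end. A `limit` of 32764 or more makes `(short)( gloader->current.num_subglyphs + 4 )` on the hunk's last line fall outside the range of `short`, and if the count is wider than 16 bits the `(short)` cast on the first line drops its high bits before the test runs. Testing the untruncated count once, before either cast, covers both cases: `if ( gloader->current.num_subglyphs > 0x7FFF - 4 )` in place of `if ( limit < 0 )`, with the comment reworded to `/* reject counts that do not fit in a short once 4 is added */`. The declarations of `limit` and `num_subglyphs` and the rest of the function lie outside the hunk, so the types are inferred from the casts, and whether the later allocation already refuses a negative `outline.n_points` cannot be confirmed from here.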
@@ -218,6 +224,10 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.{a,la} %{_mandir}/man1/* %changelog +* Fri Mar 14 2025 Jonathan Wright - 2.9.1-9.alma.1 +- Fix CVE-2025-27363 +- patch by Marc Deslauriers of Canonical + * Fri May 27 2022 Marek Kasik - 2.9.1-9 - Guard face->size - Resolves: #2079279