diff --git a/0001-raster-interpret.c-Fix-CVE-2023-4504.patch b/0001-raster-interpret.c-Fix-CVE-2023-4504.patch
new file mode 100644
index 0000000..917bd14
--- /dev/null
+++ b/0001-raster-interpret.c-Fix-CVE-2023-4504.patch
@@ -0,0 +1,41 @@
+From 262c909ac5b8676d1c221584c5a760e5e83fae66 Mon Sep 17 00:00:00 2001
+From: Zdenek Dohnal
+Date: Mon, 4 Sep 2023 17:07:14 +0200
+Subject: [PATCH] raster-interpret.c: Fix CVE-2023-4504
+
+We didn't check for end of buffer if it looks there is an escaped
+character - check for NULL terminator there and if found, return NULL
+as return value and in `ptr`, because a lone backslash is not
+a valid PostScript character.
+---
+ ppd/raster-interpret.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/ppd/raster-interpret.c b/ppd/raster-interpret.c
+index 91f6c0d3..d120d2fc 100644
+--- a/ppd/raster-interpret.c
++++ b/ppd/raster-interpret.c
+@@ -1270,7 +1270,19 @@ ppd_scan_ps(_ppd_ps_stack_t *st, // I - Stack
+
+ cur ++;
+
+- if (*cur == 'b')
++ /*
++ * Return NULL if we reached NULL terminator, a lone backslash
++ * is not a valid character in PostScript.
++ */
++
++ if (!*cur)
++ {
++ *ptr = NULL;
++
++ return (NULL);
++ }
++
++ if (*cur == 'b')
+ *valptr++ = '\b';
+ else if (*cur == 'f')
+ *valptr++ = '\f';
+--
+2.41.0
+
diff --git a/libppd.spec b/libppd.spec
index f57832d..ee72bd5 100644
--- a/libppd.spec
+++ b/libppd.spec
@@ -8,7 +8,7 @@
 Name: libppd
 Epoch: 1
 Version: 2.0~rc2
-Release: 3%{?dist}
+Release: 4%{?dist}
 Summary: Library for retro-fitting legacy printer drivers
 # the CUPS exception text is the same as LLVM exception, so using that name with
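Review bot: The added `if (!*cur)` guard in ppd_scan_ps() only covers the byte directly after the backslash, and the escape chain it protects continues past the `'f'` branch outside this hunk, so any later branch that advances `cur` again needs the same end-of-buffer check and should be confirmed against the full function. Returning with `*ptr = NULL` may also make a truncated escape look the same as a normal end of input to a caller that inspects `*ptr`; if the function's other error paths leave a position there, this path should match them. The comment would be clearer as `Return NULL if we reached the NUL terminator; a lone backslash is not valid PostScript.`, since `NULL` on the following lines is the pointer value. A regression test feeding a string that ends in a backslash would pin the fix.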
@@ -26,6 +26,8 @@ Patch0001: libppd-disable-testppdfile.patch
 Patch0002: 0001-ppd-ppd-ipp.c-Use-make-when-constructing-printer-mak.patch
 # https://github.com/OpenPrinting/libppd/commit/30b35cc751bc312a1f82db849b1c80dbd8d32aa4
 Patch0003: 0001-Decode-JCLToPDFInterpreter-value-in-ppdEmitJCLPDF.patch
+# https://github.com/OpenPrinting/libppd/commit/262c909ac5
+Patch0004: 0001-raster-interpret.c-Fix-CVE-2023-4504.patch
 # for autogen.sh
@@ -198,6 +200,9 @@ rm -rf %{buildroot}%{_datadir}/ppdc
 %endif
 %changelog
+* Wed Sep 20 2023 Zdenek Dohnal - 1:2.0~rc2-4
+- CVE-2023-4504 libppd: Postscript Parsing Heap Overflow
+
 * Tue Aug 08 2023 Zdenek Dohnal - 1:2.0~rc2-3
 - fix printing for PDF+PJL drivers