diff --git a/libxslt-1.1.39-CVE-2024-55549.patch b/libxslt-1.1.39-CVE-2024-55549.patch
new file mode 100644
index 0000000..a374105
--- /dev/null
+++ b/libxslt-1.1.39-CVE-2024-55549.patch
@@ -0,0 +1,45 @@
+From 7f24858ae0f26e610a5a9a6f2a216fa6469c52d1 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Thu, 5 Dec 2024 12:43:19 +0100
+Subject: [PATCH] [CVE-2024-55549] Fix UAF related to excluded namespaces
+
+Definitions of excluded namespaces could be deleted in
+xsltParseTemplateContent. Store excluded namespace URIs in the
+stylesheet's dictionary instead of referencing the namespace definition.
+
+Thanks to Ivan Fratric for the report!
+
+Fixes #127.
+---
+ libxslt/xslt.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/libxslt/xslt.c b/libxslt/xslt.c
+index 39a700b0..9a081cd1 100644
+--- a/libxslt/xslt.c
++++ b/libxslt/xslt.c
+@@ -147,10 +147,20 @@ xsltParseContentError(xsltStylesheetPtr style,
+  * in case of error
+  */
+ static int
+-exclPrefixPush(xsltStylesheetPtr style, xmlChar * value)
++exclPrefixPush(xsltStylesheetPtr style, xmlChar * orig)
+ {
++    xmlChar *value;
+     int i;
+ 
++    /*
++     * orig can come from a namespace definition on a node which
++     * could be deleted later, for example in xsltParseTemplateContent.
++     * Store the string in stylesheet's dict to avoid use after free.
++     */
++    value = (xmlChar *) xmlDictLookup(style->dict, orig, -1);
++    if (value == NULL)
++        return(-1);
++
+     /* do not push duplicates */
+     for (i = 0;i < style->exclPrefixNr;i++) {
+         if (xmlStrEqual(style->exclPrefixTab[i], value))
+-- 
+2.49.0
+
diff --git a/libxslt.spec b/libxslt.spec
index f67dd79..3b9b449 100644
--- a/libxslt.spec
+++ b/libxslt.spec
@@ -1,7 +1,7 @@
 Name:           libxslt
 Summary:        Library providing the Gnome XSLT engine
 Version:        1.1.39
-Release:        6%{?dist}
+Release:        7%{?dist}
 
 License:        MIT
 URL:            https://gitlab.gnome.org/GNOME/libxslt
@@ -21,6 +21,8 @@ BuildRequires:  python3-devel
 Patch0:         multilib.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=1467435
 Patch1:         multilib2.patch
+# https://issues.redhat.com/browse/RHEL-83503
+Patch2:         libxslt-1.1.39-CVE-2024-55549.patch
 
 %description
 This C library allows to transform XML files into other XML files
@@ -134,6 +136,9 @@ rm -vrf %{buildroot}%{_docdir}
 %endif
 
 %changelog
+* Fri Apr 04 2025 David King <dking@redhat.com> - 1.1.39-7
+- Fix CVE-2024-55549 (RHEL-83503)
+
 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.1.39-6
 - Bump release for October 2024 mass rebuild:
   Resolves: RHEL-64018