diff --git a/pcre2-10.23-Fix-pcre2test-bug-for-global-match-with-zero-termina.patch b/pcre2-10.23-Fix-pcre2test-bug-for-global-match-with-zero-termina.patch
new file mode 100644
index 0000000..06c3ee7
--- /dev/null
+++ b/pcre2-10.23-Fix-pcre2test-bug-for-global-match-with-zero-termina.patch
@@ -0,0 +1,183 @@
+From 37fdecdb938eae9aece6c3b552b26d9054212a43 Mon Sep 17 00:00:00 2001
+From: ph10 <ph10@6239d852-aaf2-0410-a92c-79f79f948069>
+Date: Sun, 19 Mar 2017 18:34:27 +0000
+Subject: [PATCH] Fix pcre2test bug for global match with zero terminated
+ subject.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Ported to 10.23:
+
+commit 0f66bd9a67d59124c7f81b44ee28b6c1f26fd789
+Author: ph10 <ph10@6239d852-aaf2-0410-a92c-79f79f948069>
+Date:   Sun Mar 19 18:34:27 2017 +0000
+
+    Fix pcre2test bug for global match with zero terminated subject.
+
+    git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@687 6239d852-aaf2-0410-a92c-79f79f948069
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ src/pcre2test.c      | 38 ++++++++++++++++++++++----------------
+ testdata/testinput5  |  3 +++
+ testdata/testoutput5 |  4 ++++
+ 3 files changed, 29 insertions(+), 16 deletions(-)
+
+diff --git a/src/pcre2test.c b/src/pcre2test.c
+index 01457e8..4220b46 100644
+--- a/src/pcre2test.c
++++ b/src/pcre2test.c
+@@ -5724,7 +5724,7 @@ Returns:    PR_OK     continue processing next line
+ static int
+ process_data(void)
+ {
+-PCRE2_SIZE len, ulen;
++PCRE2_SIZE len, ulen, arg_ulen;
+ uint32_t gmatched;
+ uint32_t c, k;
+ uint32_t g_notempty = 0;
+@@ -6087,6 +6087,7 @@ ENDSTRING:
+ SET(*q, 0);
+ len = CASTVAR(uint8_t *, q) - dbuffer;    /* Length in bytes */
+ ulen = len/code_unit_size;                /* Length in code units */
++arg_ulen = ulen;                          /* Value to use in match arg */
+ 
+ /* If the string was terminated by \= we must now interpret modifiers. */
+ 
+@@ -6115,11 +6116,15 @@ if (pat_patctl.replacement[0] != 0 &&
+   }
+ 
+ /* We now have the subject in dbuffer, with len containing the byte length, and
+-ulen containing the code unit length. Move the data to the end of the buffer so
+-that a read over the end can be caught by valgrind or other means. If we have
+-explicit valgrind support, mark the unused start of the buffer unaddressable.
+-If we are using the POSIX interface, or testing zero-termination, we must
+-include the terminating zero in the usable data. */
++ulen containing the code unit length, with a copy in arg_ulen for use in match
++function arguments (this gets changed to PCRE2_ZERO_TERMINATED when the
++zero_terminate modifier is present).
++
++Move the data to the end of the buffer so that a read over the end can be
++caught by valgrind or other means. If we have explicit valgrind support, mark
++the unused start of the buffer unaddressable. If we are using the POSIX
++interface, or testing zero-termination, we must include the terminating zero in
++the usable data. */
+ 
+ c = code_unit_size * (((pat_patctl.control & CTL_POSIX) +
+                        (dat_datctl.control & CTL_ZERO_TERMINATE) != 0)? 1:0);
+@@ -6250,7 +6255,7 @@ if ((dat_datctl.control & (CTL_ALLUSEDTEXT|CTL_DFA)) == CTL_ALLUSEDTEXT &&
+ /* Handle passing the subject as zero-terminated. */
+ 
+ if ((dat_datctl.control & CTL_ZERO_TERMINATE) != 0)
+-  ulen = PCRE2_ZERO_TERMINATED;
++  arg_ulen = PCRE2_ZERO_TERMINATED;
+ 
+ /* The nullcontext modifier is used to test calling pcre2_[jit_]match() with a
+ NULL context. */
+@@ -6452,7 +6457,7 @@ if (dat_datctl.replacement[0] != 0)
+     rlen = PCRE2_ZERO_TERMINATED;
+   else
+     rlen = (CASTVAR(uint8_t *, r) - rbuffer)/code_unit_size;
+-  PCRE2_SUBSTITUTE(rc, compiled_code, pp, ulen, dat_datctl.offset,
++  PCRE2_SUBSTITUTE(rc, compiled_code, pp, arg_ulen, dat_datctl.offset,
+     dat_datctl.options|xoptions, match_data, dat_context,
+     rbuffer, rlen, nbuffer, &nsize);
+ 
+@@ -6534,7 +6539,7 @@ else for (gmatched = 0;; gmatched++)
+       start_time = clock();
+       for (i = 0; i < timeitm; i++)
+         {
+-        PCRE2_DFA_MATCH(capcount, compiled_code, pp, ulen,
++        PCRE2_DFA_MATCH(capcount, compiled_code, pp, arg_ulen,
+           dat_datctl.offset, dat_datctl.options | g_notempty, match_data,
+           use_dat_context, dfa_workspace, DFA_WS_DIMENSION);
+         }
+@@ -6545,7 +6550,7 @@ else for (gmatched = 0;; gmatched++)
+       start_time = clock();
+       for (i = 0; i < timeitm; i++)
+         {
+-        PCRE2_JIT_MATCH(capcount, compiled_code, pp, ulen,
++        PCRE2_JIT_MATCH(capcount, compiled_code, pp, arg_ulen,
+           dat_datctl.offset, dat_datctl.options | g_notempty, match_data,
+           use_dat_context);
+         }
+@@ -6556,7 +6561,7 @@ else for (gmatched = 0;; gmatched++)
+       start_time = clock();
+       for (i = 0; i < timeitm; i++)
+         {
+-        PCRE2_MATCH(capcount, compiled_code, pp, ulen,
++        PCRE2_MATCH(capcount, compiled_code, pp, arg_ulen,
+           dat_datctl.offset, dat_datctl.options | g_notempty, match_data,
+           use_dat_context);
+         }
+@@ -6572,9 +6577,9 @@ else for (gmatched = 0;; gmatched++)
+ 
+   if ((dat_datctl.control & CTL_FINDLIMITS) != 0)
+     {
+-    capcount = check_match_limit(pp, ulen, PCRE2_ERROR_MATCHLIMIT, "match");
++    capcount = check_match_limit(pp, arg_ulen, PCRE2_ERROR_MATCHLIMIT, "match");
+     if (FLD(compiled_code, executable_jit) == NULL)
+-      (void)check_match_limit(pp, ulen, PCRE2_ERROR_RECURSIONLIMIT,
++      (void)check_match_limit(pp, arg_ulen, PCRE2_ERROR_RECURSIONLIMIT,
+         "recursion");
+     }
+ 
+@@ -6604,7 +6609,7 @@ else for (gmatched = 0;; gmatched++)
+         dfa_workspace = (int *)malloc(DFA_WS_DIMENSION*sizeof(int));
+       if (dfa_matched++ == 0)
+         dfa_workspace[0] = -1;  /* To catch bad restart */
+-      PCRE2_DFA_MATCH(capcount, compiled_code, pp, ulen,
++      PCRE2_DFA_MATCH(capcount, compiled_code, pp, arg_ulen,
+         dat_datctl.offset, dat_datctl.options | g_notempty, match_data,
+         use_dat_context, dfa_workspace, DFA_WS_DIMENSION);
+       if (capcount == 0)
+@@ -6616,10 +6621,10 @@ else for (gmatched = 0;; gmatched++)
+     else
+       {
+       if ((pat_patctl.control & CTL_JITFAST) != 0)
+-        PCRE2_JIT_MATCH(capcount, compiled_code, pp, ulen, dat_datctl.offset,
++        PCRE2_JIT_MATCH(capcount, compiled_code, pp, arg_ulen, dat_datctl.offset,
+           dat_datctl.options | g_notempty, match_data, use_dat_context);
+       else
+-        PCRE2_MATCH(capcount, compiled_code, pp, ulen, dat_datctl.offset,
++        PCRE2_MATCH(capcount, compiled_code, pp, arg_ulen, dat_datctl.offset,
+           dat_datctl.options | g_notempty, match_data, use_dat_context);
+       if (capcount == 0)
+         {
+@@ -7032,6 +7037,7 @@ else for (gmatched = 0;; gmatched++)
+       pp += end_offset * code_unit_size;
+       len -= end_offset * code_unit_size;
+       ulen -= end_offset;
++      if (arg_ulen != PCRE2_ZERO_TERMINATED) arg_ulen -= end_offset;
+       }
+     }
+   }  /* End of global loop */
+diff --git a/testdata/testinput5 b/testdata/testinput5
+index e5a43e5..a574872 100644
+--- a/testdata/testinput5
++++ b/testdata/testinput5
+@@ -1763,4 +1763,7 @@
+ 
+ /[^\HH]/Bi,utf
+ 
++//g,utf
++    \=zero_terminate
++
+ # End of testinput5 
+diff --git a/testdata/testoutput5 b/testdata/testoutput5
+index 9651fd1..26f9569 100644
+--- a/testdata/testoutput5
++++ b/testdata/testoutput5
+@@ -4232,4 +4232,8 @@ Failed: error 125 at offset 2: lookbehind assertion is not fixed length
+         End
+ ------------------------------------------------------------------
+ 
++//g,utf
++    \=zero_terminate
++ 0: 
++
+ # End of testinput5 
+-- 
+2.7.4
+
diff --git a/pcre2.spec b/pcre2.spec
index 45811b6..708ca6e 100644
--- a/pcre2.spec
+++ b/pcre2.spec
@@ -45,6 +45,9 @@ Patch2:     pcre2-10.23-Fix-32-bit-non-UTF-property-test-crash.patch
 # Fix an internal error for a forward reference in a lookbehind with
 # PCRE2_ANCHORED, # oss-fuzz bug #865, in upstream after 10.23
 Patch3:     pcre2-10.23-Fix-crash-for-forward-reference-in-lookbehind-with-P.patch
+# Fix a pcre2test bug for global match with zero terminated subject,
+# upstream bug #2063, in upstream after 10.23
+Patch4:     pcre2-10.23-Fix-pcre2test-bug-for-global-match-with-zero-termina.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  coreutils
@@ -124,6 +127,7 @@ Utilities demonstrating PCRE2 capabilities like pcre2grep or pcre2test.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 # Because of multilib patch
 libtoolize --copy --force
 autoreconf -vif
@@ -225,6 +229,8 @@ make %{?_smp_mflags} check VERBOSE=yes
 * Mon Mar 20 2017 Petr Pisar <ppisar@redhat.com> - 10.23-3
 - Fix an internal error for a forward reference in a lookbehind with
   PCRE2_ANCHORED (oss-fuzz bug #865)
+- Fix a pcre2test bug for global match with zero terminated subject
+  (upstream bug #2063)
 
 * Mon Feb 27 2017 Petr Pisar <ppisar@redhat.com> - 10.23-2
 - Handle memmory allocation failures in pcre2test tool