diff --git a/pcre2-10.22-Fix-pcre2test-mishandling-end-before-start-return-wi.patch b/pcre2-10.22-Fix-pcre2test-mishandling-end-before-start-return-wi.patch
new file mode 100644
index 0000000..210e4ea
--- /dev/null
+++ b/pcre2-10.22-Fix-pcre2test-mishandling-end-before-start-return-wi.patch
@@ -0,0 +1,81 @@
+From b6c92f4b6b35ce09afcbfd71170b72d3a8bb063d Mon Sep 17 00:00:00 2001
+From: ph10 <ph10@6239d852-aaf2-0410-a92c-79f79f948069>
+Date: Wed, 11 Jan 2017 17:02:27 +0000
+Subject: [PATCH] Fix pcre2test mishandling "end before start" return with
+ POSIX interface.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@650 6239d852-aaf2-0410-a92c-79f79f948069
+
+Petr Písař: Ported to 10.22.
+
+diff --git a/src/pcre2test.c b/src/pcre2test.c
+index d9c8ed8..5ea245d 100644
+--- a/src/pcre2test.c
++++ b/src/pcre2test.c
+@@ -6184,18 +6184,27 @@ if ((pat_patctl.control & CTL_POSIX) != 0)
+       {
+       if (pmatch[i].rm_so >= 0)
+         {
++        PCRE2_SIZE start = pmatch[i].rm_so;
++        PCRE2_SIZE end = pmatch[i].rm_eo;
++        if (start > end)
++          {
++          start = pmatch[i].rm_eo;
++          end = pmatch[i].rm_so;
++          fprintf(outfile, "Start of matched string is beyond its end - "
++            "displaying from end to start.\n");
++          }
+         fprintf(outfile, "%2d: ", (int)i);
+-        PCHARSV(pp, pmatch[i].rm_so,
+-          pmatch[i].rm_eo - pmatch[i].rm_so, utf, outfile);
++        PCHARSV(pp, start, end - start, utf, outfile);
+         fprintf(outfile, "\n");
++
+         if ((i == 0 && (dat_datctl.control & CTL_AFTERTEXT) != 0) ||
+             (dat_datctl.control & CTL_ALLAFTERTEXT) != 0)
+           {
+           fprintf(outfile, "%2d+ ", (int)i);
+-          PCHARSV(pp, pmatch[i].rm_eo, len - pmatch[i].rm_eo,
+-            utf, outfile);
+-          fprintf(outfile, "\n");
+-          }
++          /* Note: don't use the start/end variables here because we want to
++          show the text from what is reported as the end. */
++          PCHARSV(pp, pmatch[i].rm_eo, len - pmatch[i].rm_eo, utf, outfile);
++          fprintf(outfile, "\n"); }
+         }
+       }
+     }
+diff --git a/testdata/testinput18 b/testdata/testinput18
+index ea47a4d..bd1c6ad 100644
+--- a/testdata/testinput18
++++ b/testdata/testinput18
+@@ -106,4 +106,7 @@
+ //posix_nosub
+     \=offset=70000
+ 
++/(?=(a\K))/
++    a
++     
+ # End of testdata/testinput18
+diff --git a/testdata/testoutput18 b/testdata/testoutput18
+index 51c7d21..fd6fac3 100644
+--- a/testdata/testoutput18
++++ b/testdata/testoutput18
+@@ -162,4 +162,10 @@ Failed: POSIX code 4: ? * + invalid at offset 1000001
+ ** Ignored with POSIX interface: offset
+ Matched with REG_NOSUB
+ 
++/(?=(a\K))/
++    a
++Start of matched string is beyond its end - displaying from end to start.
++ 0: a
++ 1: a
++     
+ # End of testdata/testinput18
+-- 
+2.7.4
+
diff --git a/pcre2.spec b/pcre2.spec
index 0a71a75..4680a4e 100644
--- a/pcre2.spec
+++ b/pcre2.spec
@@ -2,7 +2,7 @@
 #%%global rcversion RC1
 Name:       pcre2
 Version:    10.22
-Release:    %{?rcversion:0.}9%{?rcversion:.%rcversion}%{?dist}
+Release:    %{?rcversion:0.}10%{?rcversion:.%rcversion}%{?dist}
 %global     myversion %{version}%{?rcversion:-%rcversion}
 Summary:    Perl-compatible regular expression library
 Group:      System Environment/Libraries
@@ -75,6 +75,9 @@ Patch16:    pcre2-10.22-Fix-NULL-defer-in-extended-substition-for-p-P-or-X.patch
 Patch17:    pcre2-10.22-Fix-OOB-error-in-substitute-with-start-offset-longer.patch
 # Fix compiling a class with UCP and without UTF, in upstream after 10.22
 Patch18:    pcre2-10.22-Fix-class-bug-when-UCP-but-not-UTF-was-set-and-all-w.patch
+# Fix an out-of-bound read in pcre2test tool within POSIX mode,
+# in upstream after 10.22, upstream bug #2008
+Patch19:    pcre2-10.22-Fix-pcre2test-mishandling-end-before-start-return-wi.patch
 # New libtool to get rid of RPATH and to use distribution autotools
 BuildRequires:  autoconf
 BuildRequires:  automake
@@ -170,6 +173,7 @@ Utilities demonstrating PCRE2 capabilities like pcre2grep or pcre2test.
 %patch16 -p1
 %patch17 -p1
 %patch18 -p1
+%patch19 -p1
 # Because of multilib patch
 libtoolize --copy --force
 autoreconf -vif
@@ -266,6 +270,10 @@ make %{?_smp_mflags} check VERBOSE=yes
 %{_mandir}/man1/pcre2test.*
 
 %changelog
+* Thu Jan 12 2017 Petr Pisar <ppisar@redhat.com> - 10.22-10
+- Fix an out-of-bound read in pcre2test tool within POSIX mode
+  (upstream bug #2008)
+
 * Tue Jan 03 2017 Petr Pisar <ppisar@redhat.com> - 10.22-9
 - Fix compiling a class with UCP and without UTF