diff --git a/pcre2-10.23-Correct-an-incorrect-cast.patch b/pcre2-10.23-Correct-an-incorrect-cast.patch
new file mode 100644
index 0000000..02d6dbf
--- /dev/null
+++ b/pcre2-10.23-Correct-an-incorrect-cast.patch
@@ -0,0 +1,55 @@
+From 8ac12aa2c80b1a5eec8fdafa66611c8c7cde5af7 Mon Sep 17 00:00:00 2001
+From: ph10 <ph10@6239d852-aaf2-0410-a92c-79f79f948069>
+Date: Fri, 14 Apr 2017 12:14:41 +0000
+Subject: [PATCH] Correct an incorrect cast.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+git-svn-id: svn://vcs.exim.org/pcre2/code/trunk@748 6239d852-aaf2-0410-a92c-79f79f948069
+
+Petr Písař: Ported to 10.23.
+---
+ src/pcre2_valid_utf.c | 8 ++++----
+ 2 files changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/src/pcre2_valid_utf.c b/src/pcre2_valid_utf.c
+index 3e18f12..96e8bff 100644
+--- a/src/pcre2_valid_utf.c
++++ b/src/pcre2_valid_utf.c
+@@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language.
+ 
+                        Written by Philip Hazel
+      Original API code Copyright (c) 1997-2012 University of Cambridge
+-         New API code Copyright (c) 2016 University of Cambridge
++          New API code Copyright (c) 2016-2017 University of Cambridge
+ 
+ -----------------------------------------------------------------------------
+ Redistribution and use in source and binary forms, with or without
+@@ -142,20 +142,20 @@ for (p = string; length > 0; p++)
+ 
+   if (c < 0xc0)                         /* Isolated 10xx xxxx byte */
+     {
+-    *erroroffset = (int)(p - string);
++    *erroroffset = (PCRE2_SIZE)(p - string);
+     return PCRE2_ERROR_UTF8_ERR20;
+     }
+ 
+   if (c >= 0xfe)                        /* Invalid 0xfe or 0xff bytes */
+     {
+-    *erroroffset = (int)(p - string);
++    *erroroffset = (PCRE2_SIZE)(p - string);
+     return PCRE2_ERROR_UTF8_ERR21;
+     }
+ 
+   ab = PRIV(utf8_table4)[c & 0x3f];     /* Number of additional bytes (1-5) */
+   if (length < ab)                      /* Missing bytes */
+     {
+-    *erroroffset = (int)(p - string);
++    *erroroffset = (PCRE2_SIZE)(p - string);
+     switch(ab - length)
+       {
+       case 1: return PCRE2_ERROR_UTF8_ERR1;
+-- 
+2.7.4
+
diff --git a/pcre2.spec b/pcre2.spec
index cfbd259..eea67df 100644
--- a/pcre2.spec
+++ b/pcre2.spec
@@ -74,6 +74,9 @@ Patch11:    pcre2-10.23-Fix-bug-introduced-at-10.21-use-memory-allocator-fro.pat
 # a character with a code point greater than 0x10ffff in UTF-32 library while
 # UTF mode is disabled), upstream bug #2052, in upstream after 10.23
 Patch12:    pcre2-10.23-Fix-character-type-detection-when-32-bit-and-UCP-are.patch
+# Fix an incorrect cast in UTF validation, upstream bug #2090,
+# in upstream after 10.23
+Patch13:    pcre2-10.23-Correct-an-incorrect-cast.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  coreutils
@@ -162,6 +165,7 @@ Utilities demonstrating PCRE2 capabilities like pcre2grep or pcre2test.
 %patch10 -p1
 %patch11 -p1
 %patch12 -p1
+%patch13 -p1
 # Because of multilib patch
 libtoolize --copy --force
 autoreconf -vif
@@ -264,6 +268,7 @@ make %{?_smp_mflags} check VERBOSE=yes
 - Fix CVE-2017-7186 in JIT mode (a crash when finding a Unicode property for
   a character with a code point greater than 0x10ffff in UTF-32 library while
   UTF mode is disabled), upstream bug #2052, in upstream after 10.23
+- Fix an incorrect cast in UTF validation (upstream bug #2090)
 
 * Mon Mar 27 2017 Petr Pisar <ppisar@redhat.com> - 10.23-5
 - Fix DFA match for a possessively repeated character class (upstream bug #2086)