diff --git a/qt6-qtsvg.spec b/qt6-qtsvg.spec
index 9ea8704..d403d2b 100644
--- a/qt6-qtsvg.spec
+++ b/qt6-qtsvg.spec
@@ -11,7 +11,7 @@
 Summary: Qt6 - Support for rendering and displaying SVG
 Name:    qt6-%{qt_module}
 Version: 6.6.0
-Release: 2%{?dist}
+Release: 3%{?dist}
 
 License: LGPL-3.0-only OR GPL-3.0-only WITH Qt-GPL-exception-1.0
 Url:     http://www.qt.io
@@ -24,6 +24,12 @@ Source0: https://download.qt.io/development_releases/qt/%{majmin}/%{qt_version}/
 Source0: https://download.qt.io/official_releases/qt/%{majmin}/%{version}/submodules/%{qt_module}-everywhere-src-%{version}.tar.xz
 %endif
 
+# QTBUG-117944
+# QML Image bad source crashes application instead of error status (QSvgHandler::parse)
+Patch0:  qtsvg-fix-nullptr-dereference-with-invalid-svg.patch
+Patch1:  qtsvg-make-sure-we-dont-load-invalid-svg-twice.patch
+Patch2:  qtsvg-verify-loading-of-invalid-svg-files-dont-crash.patch
+
 # filter plugin provides
 %global __provides_exclude_from ^%{_qt6_plugindir}/.*\\.so$
 
@@ -114,6 +120,9 @@ popd
 %endif
 
 %changelog
+* Wed Oct 18 2023 Jan Grulich <jgrulich@redhat.com> - 6.6.0-3
+- Don't crash QML image on bad source
+
 * Tue Oct 17 2023 Jan Grulich <jgrulich@redhat.com> - 6.6.0-2
 - Re-enable examples
 
diff --git a/qtsvg-fix-nullptr-dereference-with-invalid-svg.patch b/qtsvg-fix-nullptr-dereference-with-invalid-svg.patch
new file mode 100644
index 0000000..c6b6d7f
--- /dev/null
+++ b/qtsvg-fix-nullptr-dereference-with-invalid-svg.patch
@@ -0,0 +1,26 @@
+From effc44495a33babd4cf7a2044123f420e6b3da1c Mon Sep 17 00:00:00 2001
+From: Paul Olav Tvete <paul.tvete@qt.io>
+Date: Tue, 10 Oct 2023 10:14:22 +0200
+Subject: [PATCH] Fix nullptr dereference with invalid SVG
+
+Fixes: QTBUG-117944
+Pick-to: 6.5 6.2
+Change-Id: I9059dc28c750fc0585f1fb982152b211c323c6cd
+Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>
+(cherry picked from commit edc8ca7f1e45302223b4b7962a57a30918f84c8d)
+Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
+---
+
+diff --git a/src/svg/qsvghandler.cpp b/src/svg/qsvghandler.cpp
+index 2649422..335500a 100644
+--- a/src/svg/qsvghandler.cpp
++++ b/src/svg/qsvghandler.cpp
+@@ -3606,6 +3606,8 @@
+ 
+ static bool detectCycles(const QSvgNode *node, QList<const QSvgUse *> active = {})
+ {
++    if (Q_UNLIKELY(!node))
++        return false;
+     switch (node->type()) {
+     case QSvgNode::DOC:
+     case QSvgNode::G:
diff --git a/qtsvg-make-sure-we-dont-load-invalid-svg-twice.patch b/qtsvg-make-sure-we-dont-load-invalid-svg-twice.patch
new file mode 100644
index 0000000..5994585
--- /dev/null
+++ b/qtsvg-make-sure-we-dont-load-invalid-svg-twice.patch
@@ -0,0 +1,76 @@
+From 0bfb420574f192a097c7ab3dbdd452b39464dc84 Mon Sep 17 00:00:00 2001
+From: Paul Olav Tvete <paul.tvete@qt.io>
+Date: Tue, 10 Oct 2023 11:41:41 +0200
+Subject: [PATCH] Make sure we don't load invalid SVGs twice
+
+Fixes a bug where loading an invalid SVG that happens
+to be valid XML could behave differently in QML and C++,
+because readimage() in qquickpixmapcache.cpp calls
+QImageReader::size() twice.
+
+Task-number: QTBUG-117944
+Pick-to: 6.5
+Change-Id: Ibef7f54627c76414c66f81804f5f46f2db3594ba
+Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
+Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
+(cherry picked from commit a090bd1f9a7bfa14f06b14570c6a5a37843931c6)
+Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
+---
+
+diff --git a/src/plugins/imageformats/svg/qsvgiohandler.cpp b/src/plugins/imageformats/svg/qsvgiohandler.cpp
+index b04ee6b..570c982 100644
+--- a/src/plugins/imageformats/svg/qsvgiohandler.cpp
++++ b/src/plugins/imageformats/svg/qsvgiohandler.cpp
+@@ -19,7 +19,7 @@
+ {
+ public:
+     QSvgIOHandlerPrivate(QSvgIOHandler *qq)
+-        : q(qq), loaded(false), readDone(false), backColor(Qt::transparent)
++        : q(qq), loadAttempted(false), loadStatus(false), readDone(false), backColor(Qt::transparent)
+     {}
+ 
+     bool load(QIODevice *device);
+@@ -31,7 +31,8 @@
+     QRect            clipRect;
+     QSize            scaledSize;
+     QRect            scaledClipRect;
+-    bool             loaded;
++    bool             loadAttempted;
++    bool             loadStatus;
+     bool             readDone;
+     QColor           backColor;
+ };
+@@ -39,8 +40,9 @@
+ 
+ bool QSvgIOHandlerPrivate::load(QIODevice *device)
+ {
+-    if (loaded)
+-        return true;
++    if (loadAttempted)
++        return loadStatus;
++    loadAttempted = true;
+     if (q->format().isEmpty())
+         q->canRead();
+ 
+@@ -63,10 +65,10 @@
+ 
+     if (res) {
+         defaultSize = r.defaultSize();
+-        loaded = true;
++        loadStatus = true;
+     }
+ 
+-    return loaded;
++    return loadStatus;
+ }
+ 
+ 
+@@ -105,7 +107,7 @@
+ {
+     if (!device())
+         return false;
+-    if (d->loaded && !d->readDone)
++    if (d->loadStatus && !d->readDone)
+         return true;        // Will happen if we have been asked for the size
+ 
+     bool isCompressed = false;
diff --git a/qtsvg-verify-loading-of-invalid-svg-files-dont-crash.patch b/qtsvg-verify-loading-of-invalid-svg-files-dont-crash.patch
new file mode 100644
index 0000000..7c2d060
--- /dev/null
+++ b/qtsvg-verify-loading-of-invalid-svg-files-dont-crash.patch
@@ -0,0 +1,115 @@
+From f12f893931603bb6561149d813ca88b86e169ffd Mon Sep 17 00:00:00 2001
+From: Paul Olav Tvete <paul.tvete@qt.io>
+Date: Tue, 10 Oct 2023 14:25:19 +0200
+Subject: [PATCH] Verify that loading of invalid SVG files don't crash
+
+Also verify that we don't try to load invalid SVGs
+twice.
+
+Pick-to: 6.5
+Task-number: QTBUG-117944
+Change-Id: If3938384940112510d64a675f58c1e4e97e74986
+Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>
+(cherry picked from commit 7eb8f63915a470b89b96eb274252543a22e774a7)
+Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
+---
+
+diff --git a/tests/auto/qsvgplugin/CMakeLists.txt b/tests/auto/qsvgplugin/CMakeLists.txt
+index e678708..c913cd3 100644
+--- a/tests/auto/qsvgplugin/CMakeLists.txt
++++ b/tests/auto/qsvgplugin/CMakeLists.txt
+@@ -37,6 +37,9 @@
+     "simple_Utf16BE.svg"
+     "simple_Utf32LE.svg"
+     "simple_Utf32BE.svg"
++    "invalid_xml.svg"
++    "xml_not_svg.svg"
++    "invalid_then_valid.svg"
+ )
+ 
+ qt_internal_add_resource(tst_qsvgplugin "resources"
+diff --git a/tests/auto/qsvgplugin/invalid_then_valid.svg b/tests/auto/qsvgplugin/invalid_then_valid.svg
+new file mode 100644
+index 0000000..d09f598
+--- /dev/null
++++ b/tests/auto/qsvgplugin/invalid_then_valid.svg
+@@ -0,0 +1,18 @@
++<!-- html-header type=current begin -->
++	
++	<!DOCTYPE html>
++	
++	<html lang="en">
++	<head>
++	<!-- Render IE9 -->
++	<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
++	</head>
++
++<body class="anon comments ">
++
++</body></html>
++<?xml version="1.0" encoding="UTF-8" standalone="no"?>
++<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.0//EN" "http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd">
++<svg version="1.0" xmlns="http://www.w3.org/2000/svg">
++  <circle cx="50" cy="50" r="25" fill="#00ff00" />
++</svg>
+diff --git a/tests/auto/qsvgplugin/invalid_xml.svg b/tests/auto/qsvgplugin/invalid_xml.svg
+new file mode 100644
+index 0000000..e0814ae
+--- /dev/null
++++ b/tests/auto/qsvgplugin/invalid_xml.svg
+@@ -0,0 +1,2 @@
++<!--abcd
++
+diff --git a/tests/auto/qsvgplugin/tst_qsvgplugin.cpp b/tests/auto/qsvgplugin/tst_qsvgplugin.cpp
+index 8bb401d..762d373 100644
+--- a/tests/auto/qsvgplugin/tst_qsvgplugin.cpp
++++ b/tests/auto/qsvgplugin/tst_qsvgplugin.cpp
+@@ -67,6 +67,9 @@
+     QTest::newRow("wide_size")           << QFINDTESTDATA("wide_size.svg")           << 100 << 200;
+     QTest::newRow("wide_size_viewbox")   << QFINDTESTDATA("wide_size_viewbox.svg")   << 100 << 200;
+     QTest::newRow("wide_viewbox")        << QFINDTESTDATA("wide_viewbox.svg")        <<  50 << 100;
++    QTest::newRow("invalid_xml")         << QFINDTESTDATA("invalid_xml.svg")         <<  0 << 0;
++    QTest::newRow("xml_not_svg")         << QFINDTESTDATA("xml_not_svg.svg")         <<  0 << 0;
++    QTest::newRow("invalid_then_valid")  << QFINDTESTDATA("invalid_then_valid.svg")  <<  0 << 0;
+ }
+ 
+ void tst_QSvgPlugin::checkSize()
+@@ -84,10 +87,19 @@
+     QImage image;
+     plugin.read(&image);
+ 
++    // Check that plugin survives double load
++    QVariant sizeVariant = plugin.option(QImageIOHandler::Size);
++
+     file.close();
+ 
+     QCOMPARE(imageHeight, image.height());
+     QCOMPARE(imageWidth, image.width());
++
++    QSize size = qvariant_cast<QSize>(sizeVariant);
++    if (size.isEmpty())
++        size = QSize(0, 0); // don't distinguish between null and invalid QSize
++    QCOMPARE(size.width(), imageWidth);
++    QCOMPARE(size.height(), imageHeight);
+ }
+ 
+ void tst_QSvgPlugin::checkImageInclude()
+diff --git a/tests/auto/qsvgplugin/xml_not_svg.svg b/tests/auto/qsvgplugin/xml_not_svg.svg
+new file mode 100644
+index 0000000..ccefc72
+--- /dev/null
++++ b/tests/auto/qsvgplugin/xml_not_svg.svg
+@@ -0,0 +1,13 @@
++<!-- html-header type=current begin -->
++	
++	<!DOCTYPE html>
++	
++	<html lang="en">
++	<head>
++	<!-- Render IE9 -->
++	<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
++	</head>
++
++<body class="anon comments ">
++
++</body></html>