diff --git a/SOURCES/CVE-2024-57823.patch b/SOURCES/CVE-2024-57823.patch
new file mode 100644
index 0000000..b066893
--- /dev/null
+++ b/SOURCES/CVE-2024-57823.patch
@@ -0,0 +1,35 @@
+--- raptor2-2.0.15/src/raptor_rfc2396.c.CVE-2024-57823 2014-07-26 23:07:37.000000000 +0200
++++ raptor2-2.0.15/src/raptor_rfc2396.c 2025-01-13 12:59:22.175568228 +0100
+@@ -289,10 +289,8 @@ raptor_uri_normalize_path(unsigned char*
+ }
+
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL4("Path '%s' length %ld does not match calculated %ld.", (const char*)path_buffer, (long)strlen((const char*)path_buffer), (long)path_len);
+-#endif
+
+ /* Remove all "/../" path components */
+
+@@ -327,10 +325,8 @@ raptor_uri_normalize_path(unsigned char*
+ if(!prev || !cur)
+ continue;
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL3("Path length %ld does not match calculated %ld.", (long)strlen((const char*)path_buffer), (long)path_len);
+-#endif
+
+ /* If the current one is '..' */
+ if(s == (cur+2) && cur[0] == '.' && cur[1] == '.') {
+@@ -393,10 +389,8 @@ raptor_uri_normalize_path(unsigned char*
+ }
+
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL3("Path length %ld does not match calculated %ld.", (long)strlen((const char*)path_buffer), (long)path_len);
+-#endif
+
+ /* RFC3986 Appendix C.2 / 5.4.2 Abnormal Examples
+ * Remove leading /../ and /./
diff --git a/SPECS/raptor2.spec b/SPECS/raptor2.spec
index 91611ff..bb349bb 100644
--- a/SPECS/raptor2.spec
+++ b/SPECS/raptor2.spec
@@ -2,7 +2,7 @@
 Summary: RDF Parser Toolkit for Redland
 Name: raptor2
 Version: 2.0.15
-Release: 30%{?dist}
+Release: 32%{?dist}
 License: GPLv2+ or LGPLv2+ or ASL 2.0
 Source: http://download.librdf.org/source/raptor2-%{version}.tar.gz
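Review bot: The three now-unconditional `path_len != strlen(...)` checks in raptor_uri_normalize_path report a mismatch through RAPTOR_FATAL3/RAPTOR_FATAL4 rather than an error return, so, assuming those macros abort (their definition is not visible here), a malformed URI in untrusted input terminates the host process. Each check also sits after a normalization phase whose body lies outside these hunks, so it appears to detect an inconsistent path_len only after the code that produced it has run, and it does not remove the underflow itself. The patch file carries no header; I would add a comment above its first `---` line such as `Downstream mitigation for CVE-2024-57823: enable the path_len consistency checks in non-debug builds; failure mode is an abort, not an upstream fix.` The check at -327 follows `continue;` and so looks to be inside the per-component loop, which makes the added strlen() run on every iteration; confirm that cost is acceptable for long paths.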
@@ -13,6 +13,8 @@ URL: http://librdf.org/raptor/
 Patch1: 0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch
 # https://bugs.librdf.org/mantis/view.php?id=650
 Patch2: 0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch
+# no patch yet but https://github.com/dajobe/raptor/issues/70
+Patch3: CVE-2024-57823.patch
 ## upstreamable patches
@@ -101,6 +103,13 @@ make check
 %changelog
+* Tue Jan 14 2025 Eike Rathke - 2.0.15-32
+- Bump NVR
+
+* Mon Jan 13 2025 Eike Rathke - 2.0.15-31
+- Resolves: CVE-2024-57823 integer underflow when normalizing a URI with the
+ turtle parser
+
 * Tue Aug 10 2021 Mohan Boddu - 2.0.15-30
 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
 Related: rhbz#1991688
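Review bot: The `Patch3:` tag in the -13,6 hunk is added with no visible change to %prep, so the patch is applied only if %prep uses %autosetup or %autopatch. If %prep lists explicit %patch lines instead, a matching `%patch3` entry is missing and the package would ship unpatched while the changelog records the CVE as resolved. The comment above the tag would be clearer as `# Downstream mitigation (abort on inconsistent path length); no upstream patch yet, see https://github.com/dajobe/raptor/issues/70`.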