diff --git a/coreutils-8.9-buffer-overflow-in-sort.patch b/coreutils-8.9-buffer-overflow-in-sort.patch
new file mode 100644
index 0000000..c7287f4
--- /dev/null
+++ b/coreutils-8.9-buffer-overflow-in-sort.patch
@@ -0,0 +1,60 @@
+diff -pruN a/src/sort.c b/src/sort.c
+--- a/src/sort.c 2015-05-15 14:59:56.054854874 +0700
++++ b/src/sort.c 2015-05-15 15:21:43.994905457 +0700
+@@ -3148,8 +3148,10 @@ keycompare_mb (const struct line *a, con
+ {
+ if (ignore || translate)
+ {
+- char *copy_a = (char *) alloca (lena + 1 + lenb + 1);
+- char *copy_b = copy_a + lena + 1;
++ if (SIZE_MAX - lenb - 2 < lena)
++ xalloc_die ();
++ char *copy_a = (char *) xnmalloc (lena + lenb + 2, MB_CUR_MAX);
++ char *copy_b = copy_a + lena * MB_CUR_MAX + 1;
+ size_t new_len_a, new_len_b;
+ size_t i, j;
+
+diff -pruN a/tests/i18n/sort.sh b/tests/i18n/sort.sh
+--- a/tests/i18n/sort.sh 1970-01-01 07:00:00.000000000 +0700
++++ b/tests/i18n/sort.sh 2015-05-15 15:08:08.000000000 +0700
+@@ -0,0 +1,29 @@
++#!/bin/sh
++# Verify sort's multi-byte support.
++
++. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
++print_ver_ sort
++
++export LC_ALL=en_US.UTF-8
++locale -k LC_CTYPE | grep -q "charmap.*UTF-8" \
++ || skip_ "No UTF-8 locale available"
++
++# Enable heap consistency checkng on older systems
++export MALLOC_CHECK_=2
++
++
++# check buffer overflow issue due to
++# expanding multi-byte representation due to case conversion
++# https://bugzilla.suse.com/show_bug.cgi?id=928749
++cat < exp
++.
++ɑ
++EOF
++cat < out || fail=1
++.
++ɑ
++EOF
++compare exp out || { fail=1; cat out; }
++
++
++Exit $fail
+diff -pruN a/tests/Makefile.am b/tests/Makefile.am
+--- a/tests/Makefile.am 2015-05-15 14:59:56.055854875 +0700
++++ b/tests/Makefile.am 2015-05-15 15:20:17.668902118 +0700
+@@ -421,6 +421,7 @@ TESTS = \
+ du/slink \
+ du/trailing-slash \
+ du/two-args \
++ i18n/sort.sh \
+ id/gnu-zero-uids \
+ id/no-context \
+ install/basic-1 \
diff --git a/coreutils.spec b/coreutils.spec
index e3944ae..8e614bf 100644
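Review bot: In the sort.c hunk `copy_a` is now heap memory from `xnmalloc`, but no matching `free` is visible, whereas the `alloca` storage it replaces was released automatically on return. The body of `keycompare_mb` continues outside the hunk; unless that unseen part frees the buffer, every comparison that takes the `ignore || translate` branch leaks `(lena + lenb + 2) * MB_CUR_MAX` bytes, so a large input could turn the overflow fix into memory exhaustion. One way to cover every return path is a function-scope `void *allocated = NULL;` that is set to `copy_a` here, with `free (allocated);` placed after the comparison has finished with both copies. Separately, the only coreutils.spec change shown is the Release bump: if no other hunk adds the matching `Patch` tag and `%patch` line, this new file is never applied and the rebuilt package ships without the fix.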
--- a/coreutils.spec
+++ b/coreutils.spec
@@ -3,7 +3,7 @@
 Summary: The GNU core utilities: a set of tools commonly used in shell scripts
 Name: coreutils
 Version: 8.19
-Release: 17
+Release: 18
 License: GPLv3+
 Group: System/Base
 Url: http://www.gnu.org/software/coreutils/