diff --git a/djvulibre-3.5.27-djvuport-stack-overflow.patch b/djvulibre-3.5.27-djvuport-stack-overflow.patch
new file mode 100644
index 0000000..e7bc643
--- /dev/null
+++ b/djvulibre-3.5.27-djvuport-stack-overflow.patch
@@ -0,0 +1,36 @@
+diff --git a/libdjvu/DjVuPort.cpp b/libdjvu/DjVuPort.cpp
+index 2b3e0d2..ede7f6b 100644
+--- a/libdjvu/DjVuPort.cpp
++++ b/libdjvu/DjVuPort.cpp
+@@ -507,10 +507,19 @@ GP<DjVuFile>
+ DjVuPortcaster::id_to_file(const DjVuPort * source, const GUTF8String &id)
+ {
+    GPList<DjVuPort> list;
++
++   if (!!opening_id && opening_id == id)
++      G_THROW("DjVuPortcaster: recursive opening of the same file (corrupted file?)");
++   else
++      opening_id = id;
++
+    compute_closure(source, list, true);
+    GP<DjVuFile> file;
+    for(GPosition pos=list;pos;++pos)
+       if ((file=list[pos]->id_to_file(source, id))) break;
++
++   opening_id = GUTF8String();
++
+    return file;
+ }
+ 
+diff --git a/libdjvu/DjVuPort.h b/libdjvu/DjVuPort.h
+index e2b3125..313dc2b 100644
+--- a/libdjvu/DjVuPort.h
++++ b/libdjvu/DjVuPort.h
+@@ -484,6 +484,7 @@ private:
+                        const DjVuPort *dst, int distance);
+    void compute_closure(const DjVuPort *src, GPList<DjVuPort> &list,
+                         bool sorted=false);
++   GUTF8String opening_id;
+ };
+ 
+ 
diff --git a/djvulibre.spec b/djvulibre.spec
index f29708e..5bf9a6c 100644
--- a/djvulibre.spec
+++ b/djvulibre.spec
@@ -3,7 +3,7 @@
 Summary: DjVu viewers, encoders, and utilities
 Name: djvulibre
 Version: 3.5.27
-Release: 26%{?dist}
+Release: 27%{?dist}
 License: GPLv2+
 URL: http://djvu.sourceforge.net/
 Source0: http://downloads.sourceforge.net/djvu/%{name}-%{version}.tar.gz
@@ -18,6 +18,7 @@ Patch7: djvulibre-3.5.27-null-dereference.patch
 Patch8: djvulibre-3.5.27-check-image-size.patch
 Patch9: djvulibre-3.5.27-integer-overflow.patch
 Patch10: djvulibre-3.5.27-check-input-pool.patch
+Patch11: djvulibre-3.5.27-djvuport-stack-overflow.patch
 
 Requires(post): xdg-utils
 Requires(preun): xdg-utils
@@ -80,6 +81,7 @@ Development files for DjVuLibre.
 %patch8 -p1 -b .check-image-size
 %patch9 -p1 -b .integer-overflow
 %patch10 -p1 -b .check-input-pool
+%patch11 -p1 -b .djvuport-stack-overflow
 
 
 %build 
@@ -187,6 +189,10 @@ fi
 
 
 %changelog
+* Mon May 03 2021 Marek Kasik <mkasik@redhat.com> - 3.5.27-27
+- Avoid stack overflow in DjVuPort by remembering which file we are opening
+- Resolves: #1943411, #1943685
+
 * Mon May 03 2021 Marek Kasik <mkasik@redhat.com> - 3.5.27-26
 - Check input pool for NULL
 - Resolves: #1943410