diff -Nru liblouis-3.5.0/debian/changelog liblouis-3.5.0/debian/changelog
--- liblouis-3.5.0/debian/changelog	2018-10-02 14:13:18.000000000 +0000
+++ liblouis-3.5.0/debian/changelog	2022-06-09 13:37:45.000000000 +0000
@@ -1,3 +1,12 @@
+liblouis (3.5.0-1ubuntu0.4) bionic-security; urgency=medium
+
+  * SECURITY UPDATE: Out-of-bounds
+    - debian/patches/CVE-2022-31783.patch: prevent an invalid
+      memory writes in compileRule in liblouis/compileTranslationTable.c.
+    - CVE-2022-31783
+
+ -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Thu, 09 Jun 2022 10:37:45 -0300
+
 liblouis (3.5.0-1ubuntu0.3) bionic-security; urgency=medium
 
   * SECURITY UPDATE: Stack-based buffer overflow
diff -Nru liblouis-3.5.0/debian/patches/CVE-2022-31783.patch liblouis-3.5.0/debian/patches/CVE-2022-31783.patch
--- liblouis-3.5.0/debian/patches/CVE-2022-31783.patch	1970-01-01 00:00:00.000000000 +0000
+++ liblouis-3.5.0/debian/patches/CVE-2022-31783.patch	2022-06-09 13:37:40.000000000 +0000
@@ -0,0 +1,33 @@
+From ff747ec5e1ac54d54194846f6fe5bfc689192a85 Mon Sep 17 00:00:00 2001
+From: Christian Egli <christian.egli@sbs.ch>
+Date: Wed, 25 May 2022 18:08:36 +0200
+Subject: [PATCH] Prevent an invalid memory writes in compileRule
+
+Thanks to Han Zheng for reporting it
+
+Fixes #1214
+diff --git a/liblouis/compileTranslationTable.c b/liblouis/compileTranslationTable.c
+index a4b53d3..3dd2dee 100644
+--- a/liblouis/compileTranslationTable.c
++++ b/liblouis/compileTranslationTable.c
+@@ -3842,12 +3842,14 @@ doOpcode:
+ 	case CTO_SeqAfterExpression:
+ 
+ 		if (getRuleCharsText(nested, &ruleChars, &lastToken)) {
+-			for ((*table)->seqAfterExpressionLength = 0;
+-					(*table)->seqAfterExpressionLength < ruleChars.length;
+-					(*table)->seqAfterExpressionLength++)
+-				(*table)->seqAfterExpression[(*table)->seqAfterExpressionLength] =
+-						ruleChars.chars[(*table)->seqAfterExpressionLength];
+-			(*table)->seqAfterExpression[(*table)->seqAfterExpressionLength] = 0;
++				if ((ruleChars.length + 1) > SEQPATTERNSIZE) {
++					compileError(nested, "More than %d characters", SEQPATTERNSIZE);
++					return 0;
++				}
++				for (int k = 0; k < ruleChars.length; k++)
++					(*table)->seqAfterExpression[k] = ruleChars.chars[k];
++					(*table)->seqAfterExpression[ruleChars.length] = 0;
++					(*table)->seqAfterExpressionLength = ruleChars.length;
+ 		}
+ 		break;
+ 
diff -Nru liblouis-3.5.0/debian/patches/series liblouis-3.5.0/debian/patches/series
--- liblouis-3.5.0/debian/patches/series	2018-10-02 14:13:10.000000000 +0000
+++ liblouis-3.5.0/debian/patches/series	2022-06-09 13:37:40.000000000 +0000
@@ -6,3 +6,4 @@
 CVE-2018-11683.patch
 CVE-2018-12085.patch
 CVE-2018-17294.patch
+CVE-2022-31783.patch