diff --git a/bugfix-for-cve-2025-27835.patch b/bugfix-for-cve-2025-27835.patch
new file mode 100644
index 0000000000000000000000000000000000000000..c955a3af605e86211376a668bcbdb2b5de55e389
--- /dev/null
+++ b/bugfix-for-cve-2025-27835.patch
@@ -0,0 +1,30 @@
+From 920fae688705b3a25a1f8925f3837219a6243565 Mon Sep 17 00:00:00 2001
+From: Zdenek Hutyra <zhutyra@centrum.cz>
+Date: Wed, 20 Nov 2024 11:27:52 +0000
+Subject: Bug 708131: Fix confusion between bytes and shorts
+
+We were copying data from a string in multiple of shorts, rather than multiple
+of bytes, leading to both an read (probably benign, given the memory manager)
+and write buffer overflow.
+
+CVE-2025-27835
+---
+ psi/zbfont.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/psi/zbfont.c b/psi/zbfont.c
+index acffb39ef..5850ab54d 100644
+--- a/psi/zbfont.c
++++ b/psi/zbfont.c
+@@ -253,7 +253,7 @@ gs_font_map_glyph_to_unicode(gs_font *font, gs_glyph glyph, int ch, ushort *u, u
+                     if (l > length)
+                         return l;
+ 
+-                    memcpy(unicode_return, v->value.const_bytes, l * sizeof(short));
++                    memcpy(unicode_return, v->value.const_bytes, l);
+                     return l;
+                 }
+                 if (r_type(v) == t_integer) {
+-- 
+cgit v1.2.3
+
diff --git a/ghostscript.spec b/ghostscript.spec
index aebd76858b4f835b320135d133fbaf7cd5f98a02..7c42f4136e6e7a737fbbe082b34001e0079ebcfa 100644
--- a/ghostscript.spec
+++ b/ghostscript.spec
@@ -1,4 +1,4 @@
-%define anolis_release 3
+%define anolis_release 4
 
 %global _hardened_build 1
 %global _docdir_fmt     %{name}
@@ -79,6 +79,11 @@ Patch8: bugfix-for-cve-2025-27833.patch
 # Upstream fix: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=3885f830772
 Patch9: bugfix-for-cve-2025-27834.patch
 
+# CVE-2025-27835
+# Tracking bug: https://bugs.ghostscript.com/show_bug.cgi?id=708131
+# Upstream fix: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=920fae68870
+Patch10: bugfix-for-cve-2025-27835.patch
+
 %description
 Ghostscript is an interpreter for PostScript® and Portable Document Format (PDF) files.
 
@@ -272,6 +277,9 @@ install -m 0755 -d %{buildroot}%{_datadir}/%{name}/conf.d/
 
 
 %changelog
+* Sun Apr 27 2025 tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> - 10.03.0-4
+- Fix CVE-2025-27835
+
 * Sun Apr 27 2025 tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> - 10.03.0-3
 - Fix CVE-2025-27834