diff --git a/mod_security.spec b/mod_security.spec index 12ecc8dda19c6bf7d19998f9011e7ea761f31128..878d39f2b66f6966d08fd02127493ae0184826a7 100644 --- a/mod_security.spec +++ b/mod_security.spec @@ -7,7 +7,7 @@ Name: mod_security Version: 2.9.5 -Release: 3 +Release: 4 Summary: Security module for the Apache HTTP Server License: ASL 2.0 URL: http://www.modsecurity.org/ @@ -17,6 +17,7 @@ Source2: 10-mod_security.conf Source3: modsecurity_localrules.conf Patch0000: modsecurity-2.9.5-lua-54.patch Patch0001: modsecurity-2.9.5-use-uid-if-user-name-is-not-available.patch +Patch0002: modsecurity-2.9.5-Properly-cleanup-XML-parser-contexts-upon-completion.patch Requires: httpd httpd-mmn = %{_httpd_mmn} BuildRequires: gcc make perl-generators httpd-devel yajl yajl-devel @@ -99,6 +100,9 @@ install -m0755 mlogc/mlogc-batch-load.pl %{buildroot}%{_bindir}/mlogc-batch-load %endif %changelog +* Fri Jan 6 2023 yaoguangzhong - 2.9.5-4 +- backport properly cleanup XML parser contexts upon completion + * Fri Jan 6 2023 yaoguangzhong - 2.9.5-3 - backport use uid if user name is not available diff --git a/modsecurity-2.9.5-Properly-cleanup-XML-parser-contexts-upon-completion.patch b/modsecurity-2.9.5-Properly-cleanup-XML-parser-contexts-upon-completion.patch new file mode 100644 index 0000000000000000000000000000000000000000..e74ddde56f846d9a3a02302ffc9ed4bbd41dad81 --- /dev/null +++ b/modsecurity-2.9.5-Properly-cleanup-XML-parser-contexts-upon-completion.patch 
@@ -0,0 +1,36 @@
+From 6a5ec1ff7bd5a4a653da417f9a49a50cf5b2429d Mon Sep 17 00:00:00 2001
+From: Vladimir Krivopalov
+Date: Mon, 13 Jan 2020 16:36:09 -0800
+Subject: [PATCH] Properly cleanup XML parser contexts upon completion
+
+It is currently possible that the XML parsing context is not properly
+cleaned up if a parsed XML document is malformed.
+
+This fix makes sure that the context is taken care of.
+
+Signed-off-by: Vladimir Krivopalov
+---
+ apache2/msc_xml.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/apache2/msc_xml.c b/apache2/msc_xml.c
+index a31decb5..9cc4da65 100644
+--- a/apache2/msc_xml.c
++++ b/apache2/msc_xml.c
+@@ -137,6 +137,13 @@ int xml_complete(modsec_rec *msr, char **error_msg) {
+ * Frees the resources used for XML parsing.
+ */
+ apr_status_t xml_cleanup(modsec_rec *msr) {
++ if (msr->xml->parsing_ctx != NULL) {
++ if (msr->xml->parsing_ctx->myDoc) {
++ xmlFreeDoc(msr->xml->parsing_ctx->myDoc);
++ }
++ xmlFreeParserCtxt(msr->xml->parsing_ctx);
++ msr->xml->parsing_ctx = NULL;
++ }
+ if (msr->xml->doc != NULL) {
+ xmlFreeDoc(msr->xml->doc);
+ msr->xml->doc = NULL;
+--
+2.27.0
+
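Review bot: The new block in xml_cleanup frees `msr->xml->parsing_ctx->myDoc`, and the existing block right after it frees `msr->xml->doc`, but nothing visible in the hunk shows that the two pointers can never refer to the same document. xml_complete appears only as the hunk header, so if any path there or in the chunk-processing code copies `myDoc` into `msr->xml->doc` while leaving `parsing_ctx` set, request teardown becomes a double free. A cheap guard is to replace the inner test with `if (msr->xml->parsing_ctx->myDoc != msr->xml->doc) xmlFreeDoc(msr->xml->parsing_ctx->myDoc);`, which also drops the NULL check that xmlFreeDoc does not need. `msr->xml` itself is dereferenced unchecked here, presumably relying on the caller, so a one-line comment such as `/* caller guarantees msr->xml != NULL */` would make that precondition explicit. The end of xml_cleanup lies outside the hunk.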