diff --git a/changelog b/changelog
index f0709e73b..141998e74 100644
--- a/changelog
+++ b/changelog
@@ -1,3 +1,12 @@
+libreoffice (1:6.4.7-0ubuntu0.20.04.10) focal-security; urgency=medium
+
+ * SECURITY UPDATE: Graphic on-click binding allows unchecked script
+ execution
+ - debian/patches/CVE-2024-3044.patch: add notify for script use
+ - CVE-2024-3044
+
+ -- Rico Tzschichholz Wed, 15 May 2024 09:06:02 +0200
+
 libreoffice (1:6.4.7-0ubuntu0.20.04.9) focal-security; urgency=medium
 
 * SECURITY UPDATE: Improper input validation enabling arbitrary Gstreamer
diff --git a/patches/CVE-2024-3044.patch b/patches/CVE-2024-3044.patch
new file mode 100644
index 000000000..07916ce53
--- /dev/null
+++ b/patches/CVE-2024-3044.patch
@@ -0,0 +1,37 @@
+From 3c25a1e4885a91b1a2fbfd873633f055caa50745 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?=
+Date: Wed, 27 Mar 2024 17:07:20 +0000
+Subject: [PATCH] add notify for script use
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Change-Id: I84af197cec7755f6803a578e1e21c03966ad5f3e
+Reviewed-on: https://gerrit.libreoffice.org/c/core/+/165410
+Tested-by: Jenkins CollaboraOffice
+Reviewed-by: Miklos Vajna
+(cherry picked from commit a4a5c6b63599bca1f084bb90875f6fd8e15184ac)
+Reviewed-on: https://gerrit.libreoffice.org/c/core/+/167421
+Tested-by: Caolán McNamara
+Reviewed-by: Caolán McNamara
+---
+ xmloff/source/draw/eventimp.cxx | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/xmloff/source/draw/eventimp.cxx b/xmloff/source/draw/eventimp.cxx
+index f9e10c11cf7d..fcc36f946ff1 100644
+--- a/xmloff/source/draw/eventimp.cxx
++++ b/xmloff/source/draw/eventimp.cxx
+@@ -231,6 +231,9 @@ SdXMLEventContext::SdXMLEventContext( SvXMLImport& rImp, sal_uInt16 nPrfx, cons
+
+ if( maData.mbValid )
+ maData.mbValid = !sEventName.isEmpty();
++
++ if (!maData.msMacroName.isEmpty())
++ rImp.NotifyMacroEventRead();
+ }
+
+ SvXMLImportContextRef SdXMLEventContext::CreateChildContext( sal_uInt16 nPrefix, const OUString& rLocalName, const Reference< XAttributeList>& xAttrList )
+--
+2.43.0
+
diff --git a/patches/series b/patches/series
index b297c2c1c..5a0608292 100644
--- a/patches/series
+++ b/patches/series
@@ -84,3 +84,4 @@ CVE-2023-6186-3.patch
 CVE-2023-6186-4.patch
 CVE-2023-6186-5.patch
 CppunitTest_desktop_lib-adjust-asserts-so-this-works.patch
+CVE-2024-3044.patch
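Review bot: The guard added in the eventimp.cxx hunk of patches/CVE-2024-3044.patch, `if (!maData.msMacroName.isEmpty()) rImp.NotifyMacroEventRead();`, has no comment, and the patch message is only a subject line and trailers, so the source never says that this call is the security-relevant part of the constructor. I would add a comment above it such as `// a script/macro name was read for this shape event: report it to the importer, independent of mbValid`, because the call sits after and outside the `mbValid` check, which looks intentional but is not stated. The guard also relies on `msMacroName` being the only member of `maData` that can carry a script reference; the attribute parsing that fills it is earlier in the constructor and outside this hunk, so that should be confirmed there. The diffstat shows 3 insertions and no test, so an import test with a shape that has a script event listener would help keep the notification from regressing.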