diff --git a/devel/py-configobj/Makefile b/devel/py-configobj/Makefile
index 148e09e20ef2..699f677cbc10 100644
--- a/devel/py-configobj/Makefile
+++ b/devel/py-configobj/Makefile
@@ -1,6 +1,6 @@
 PORTNAME= configobj
 PORTVERSION= 5.0.8
-PORTREVISION= 0
+PORTREVISION= 1
 CATEGORIES= devel python
 MASTER_SITES= PYPI
 PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
diff --git a/devel/py-configobj/files/patch-src_configobj_validate.py b/devel/py-configobj/files/patch-src_configobj_validate.py
new file mode 100644
index 000000000000..72eb31a15105
--- /dev/null
+++ b/devel/py-configobj/files/patch-src_configobj_validate.py
@@ -0,0 +1,16 @@
+From: cdcadman
+Date: Wed, 17 May 2023 03:57:08 -0700
+Subject: Address CVE-2023-26112 ReDoS
+
+Origin: https://github.com/DiffSK/configobj/pull/236
+--- src/configobj/validate.py.orig 2023-01-18 22:28:31 UTC
++++ src/configobj/validate.py
+@@ -541,7 +541,7 @@ class Validator(object):
+ """
+
+ # this regex does the initial parsing of the checks
+- _func_re = re.compile(r'(.+?)\((.*)\)', re.DOTALL)
++ _func_re = re.compile(r'([^\(\)]+?)\((.*)\)', re.DOTALL)
+
+ # this regex takes apart keyword arguments
+ _key_arg = re.compile(r'^([a-zA-Z_][a-zA-Z0-9_]*)\s*=\s*(.*)$', re.DOTALL)
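Review bot: The comment above the new `_func_re` in the added patch file still says only "this regex does the initial parsing of the checks", so nothing records that the `[^\(\)]` class is the CVE-2023-26112 fix and must not be relaxed back to `.` later. I would add a line such as `# name group must not match parentheses: bounds backtracking (CVE-2023-26112)` upstream, or state it in the patch header if the port should stay byte-identical to the upstream PR. The second group `(.*)\)` is still greedy under `re.DOTALL` and the pattern has no end anchor, so the bounded running time presumably depends on the pattern being applied with an anchored `match()` rather than a scan; the call site is outside this hunk and worth confirming. The `Validator` class body starts and ends outside the hunk.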