diff --git a/helpers/DATA/dino-im/cve/01_ef8fb0e94ce79d5fde2943e433ad0422eb7f70ec.patch b/helpers/DATA/dino-im/cve/01_ef8fb0e94ce79d5fde2943e433ad0422eb7f70ec.patch
new file mode 100644
index 0000000..0172ccd
--- /dev/null
+++ b/helpers/DATA/dino-im/cve/01_ef8fb0e94ce79d5fde2943e433ad0422eb7f70ec.patch
@@ -0,0 +1,37 @@
+From ef8fb0e94ce79d5fde2943e433ad0422eb7f70ec Mon Sep 17 00:00:00 2001
+From: Marvin W
+Date: Thu, 23 Mar 2023 10:13:30 -0600
+Subject: [PATCH] Check sender of bookmark:1 updates
+
+---
+ xmpp-vala/src/module/xep/0402_bookmarks2.vala | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/xmpp-vala/src/module/xep/0402_bookmarks2.vala b/xmpp-vala/src/module/xep/0402_bookmarks2.vala
+index 406f37f43..d1e53e6e3 100644
+--- a/xmpp-vala/src/module/xep/0402_bookmarks2.vala
++++ b/xmpp-vala/src/module/xep/0402_bookmarks2.vala
+@@ -68,6 +68,11 @@ public class Module : BookmarksProvider, XmppStreamModule {
+ }
+
+ private void on_pupsub_item(XmppStream stream, Jid jid, string id, StanzaNode? node) {
++ if (!jid.equals(stream.get_flag(Bind.Flag.IDENTITY).my_jid.bare_jid)) {
++ warning("Received alleged bookmarks:1 item from %s, ignoring", jid.to_string());
++ return;
++ }
++
+ Conference conference = parse_item_node(node, id);
+ Flag? flag = stream.get_flag(Flag.IDENTITY);
+ if (flag != null) {
+@@ -77,6 +82,11 @@ public class Module : BookmarksProvider, XmppStreamModule {
+ }
+
+ private void on_pupsub_retract(XmppStream stream, Jid jid, string id) {
++ if (!jid.equals(stream.get_flag(Bind.Flag.IDENTITY).my_jid.bare_jid)) {
++ warning("Received alleged bookmarks:1 retract from %s, ignoring", jid.to_string());
++ return;
++ }
++
+ try {
+ Jid jid_parsed = new Jid(id);
+ Flag? flag = stream.get_flag(Flag.IDENTITY);
diff --git a/helpers/make-dino-im b/helpers/make-dino-im
new file mode 100644
index 0000000..7a0702d
--- /dev/null
+++ b/helpers/make-dino-im
@@ -0,0 +1,33 @@
+#!/bin/sh
+#
+# Copyright (C) 2024 Luis Guzmán
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+#
+
+VERSION=0
+BUILD_UNTIL=11.0
+. ./config
+
+# Apply missing CVEs upstream
+for patch in $(ls -v ${DATA}/cve/*.patch)
+do
+ echo "> Applying $(echo $patch|xargs basename)"
+ patch --no-backup-if-mismatch -Np1 < $patch
+done
+
+
+changelog "Add missing CVEs at upstream: · CVE-2023-28686"
+package
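Review bot: The loop that applies the CVE patches never checks the exit status of `patch`, so a patch that fails to apply still lets the script continue to `changelog` and `package`, and the build is then recorded as carrying the CVE-2023-28686 fix when it may not. Unless `./config` already enables `set -e`, which is not visible in this hunk, the build should stop on failure: `patch --no-backup-if-mismatch -Np1 < "$patch" || exit 1`. The same silent outcome occurs when `${DATA}/cve/*.patch` matches nothing, since `ls` fails and the loop body runs zero times; a check that at least one patch was applied before calling `changelog` would catch that. Quoting `"$patch"` and `"${DATA}"` would also keep the loop correct if the data path ever contains whitespace.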