diff --git a/backports/openscad/0001-fix-CVE-2022-0496.patch b/backports/openscad/0001-fix-CVE-2022-0496.patch
new file mode 100644
index 0000000..8f8a1e8
--- /dev/null
+++ b/backports/openscad/0001-fix-CVE-2022-0496.patch
@@ -0,0 +1,76 @@
+From 00a4692989c4e2f191525f73f24ad8727bacdf41 Mon Sep 17 00:00:00 2001
+From: Torsten Paul
+Date: Sat, 5 Feb 2022 18:38:31 +0100
+Subject: [PATCH] CVE-2022-0496 Out-of-bounds memory access in DXF loader.
+
+Public issue:
+https://github.com/openscad/openscad/issues/4037
+
+Fix in master branch:
+https://github.com/openscad/openscad/pull/4090
+---
+ src/dxfdata.cc | 27 +++++++++++++++++++++++----
+ 1 file changed, 23 insertions(+), 4 deletions(-)
+
+diff --git a/src/dxfdata.cc b/src/dxfdata.cc
+index 2bb7236746..aa6b6f3976 100644
+--- a/src/dxfdata.cc
++++ b/src/dxfdata.cc
+@@ -441,6 +441,11 @@ DxfData::DxfData(double fn, double fs, double fa,
+ auto lv = grid.data(this->points[lines[idx].idx[j]][0], this->points[lines[idx].idx[j]][1]);
+ for (size_t ki = 0; ki < lv.size(); ++ki) {
+ int k = lv.at(ki);
++ if (k < 0 || k >= lines.size()) {
++ LOG(message_group::Warning,Location::NONE,"",
++ "Bad DXF line index in %1$s.",QuotedString(boostfs_uncomplete(filename, fs::current_path()).generic_string()));
++ continue;
++ }
+ if (k == idx || lines[k].disabled) continue;
+ goto next_open_path_j;
+ }
+@@ -466,13 +471,20 @@ DxfData::DxfData(double fn, double fs, double fa,
+ auto lv = grid.data(ref_point[0], ref_point[1]);
+ for (size_t ki = 0; ki < lv.size(); ++ki) {
+ int k = lv.at(ki);
++ if (k < 0 || k >= lines.size()) {
++ LOG(message_group::Warning,Location::NONE,"",
++ "Bad DXF line index in %1$s.",QuotedString(boostfs_uncomplete(filename, fs::current_path()).generic_string()));
++ continue;
++ }
+ if (lines[k].disabled) continue;
+- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[0]][0], this->points[lines[k].idx[0]][1])) {
++ auto idk0 = lines[k].idx[0]; // make it easier to read and debug
++ auto idk1 = lines[k].idx[1];
++ if (grid.eq(ref_point[0], ref_point[1], this->points[idk0][0], this->points[idk0][1])) {
+ current_line = k;
+ current_point = 0;
+ goto found_next_line_in_open_path;
+ }
+- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[1]][0], this->points[lines[k].idx[1]][1])) {
++ if (grid.eq(ref_point[0], ref_point[1], this->points[idk1][0], this->points[idk1][1])) {
+ current_line = k;
+ current_point = 1;
+ goto found_next_line_in_open_path;
+@@ -501,13 +513,20 @@ DxfData::DxfData(double fn, double fs, double fa,
+ auto lv = grid.data(ref_point[0], ref_point[1]);
+ for (size_t ki = 0; ki < lv.size(); ++ki) {
+ int k = lv.at(ki);
++ if (k < 0 || k >= lines.size()) {
++ LOG(message_group::Warning,Location::NONE,"",
++ "Bad DXF line index in %1$s.",QuotedString(boostfs_uncomplete(filename, fs::current_path()).generic_string()));
++ continue;
++ }
+ if (lines[k].disabled) continue;
+- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[0]][0], this->points[lines[k].idx[0]][1])) {
++ auto idk0 = lines[k].idx[0]; // make it easier to read and debug
++ auto idk1 = lines[k].idx[1];
++ if (grid.eq(ref_point[0], ref_point[1], this->points[idk0][0], this->points[idk0][1])) {
+ current_line = k;
+ current_point = 0;
+ goto found_next_line_in_closed_path;
+ }
+- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[1]][0], this->points[lines[k].idx[1]][1])) {
++ if (grid.eq(ref_point[0], ref_point[1], this->points[idk1][0], this->points[idk1][1])) {
+ current_line = k;
+ current_point = 1;
+ goto found_next_line_in_closed_path;
diff --git a/backports/openscad/0002-fix-CVE-2022-0497.patch b/backports/openscad/0002-fix-CVE-2022-0497.patch
new file mode 100644
index 0000000..fac3024
--- /dev/null
+++ b/backports/openscad/0002-fix-CVE-2022-0497.patch
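Review bot: In the second and third hunks of src/dxfdata.cc (0001-fix-CVE-2022-0496.patch) the new `idk0` and `idk1` values still index `this->points` without a range check, so only the line index `k` is validated. Whether a malformed DXF can also produce line records whose point indices fall outside `points` is not visible from this patch; if it can, the same kind of out-of-bounds read remains, and a guard before the `grid.eq` calls that compares `idk0` and `idk1` with the size of `this->points` and `continue`s on failure would close it. The added test `k >= lines.size()` compares an `int` with an unsigned size and is correct only because `k < 0` is tested first; `static_cast<size_t>(k) >= lines.size()` would make that explicit. The same five-line check is repeated in all three hunks and could be one small helper, and the DxfData constructor begins and ends outside these hunks.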
@@ -0,0 +1,27 @@
+From 84addf3c1efbd51d8ff424b7da276400bbfa1a4b Mon Sep 17 00:00:00 2001
+From: Torsten Paul
+Date: Sat, 5 Feb 2022 18:45:29 +0100
+Subject: [PATCH] CVE-2022-0497 Out-of-bounds memory access in comment parser.
+
+Public issue:
+https://github.com/openscad/openscad/issues/4043
+
+Fix in master branch:
+https://github.com/openscad/openscad/pull/4044
+---
+ src/comment.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/comment.cpp b/src/comment.cpp
+index f02ad2c5f6..1ce3ab547b 100644
+--- a/src/comment.cpp
++++ b/src/comment.cpp
+@@ -92,7 +92,7 @@ static std::string getComment(const std::string &fulltext, int line)
+ }
+
+ int end = start + 1;
+- while (fulltext[end] != '\n') end++;
++ while (end < fulltext.size() && fulltext[end] != '\n') end++;
+
+ std::string comment = fulltext.substr(start, end - start);
+
diff --git a/backports/openscad/0003-fix-build-with-cgal-5.3.patch b/backports/openscad/0003-fix-build-with-cgal-5.3.patch
new file mode 100644
index 0000000..dc3c1ca
--- /dev/null
+++ b/backports/openscad/0003-fix-build-with-cgal-5.3.patch
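Review bot: The bounded loop in getComment (0002-fix-CVE-2022-0497.patch) still compares `int end` with the unsigned `fulltext.size()`, and only the scan for the end of the line gained a bound. `start` is computed above the hunk, so whether that earlier scan is bounded in the same way cannot be confirmed from here and should be checked against the full function. A form that avoids manual indexing is `auto end = fulltext.find('\n', start + 1);` followed by `if (end == std::string::npos) end = fulltext.size();`, provided later uses of `end` outside the hunk accept a `size_t`.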
@@ -0,0 +1,47 @@
+From 9aa0d7e9f2914fe5f547bdde69202161d1c6064d Mon Sep 17 00:00:00 2001
+From: Jordan Brown
+Date: Sun, 18 Jul 2021 21:01:46 -0700
+Subject: [PATCH] Fix build failure with "generic_print_polyhedron" on
+ CGAL-5.3.
+
+---
+ src/cgalutils-polyhedron.cc | 13 -------------
+ src/cgalutils.h | 1 -
+ 2 files changed, 14 deletions(-)
+
+diff --git a/src/cgalutils-polyhedron.cc b/src/cgalutils-polyhedron.cc
+index 9f4f98f623..41cca4b3f2 100644
+--- a/src/cgalutils-polyhedron.cc
++++ b/src/cgalutils-polyhedron.cc
+@@ -337,19 +337,6 @@ namespace CGALUtils {
+ }
+ };
+
+- template
+- std::string printPolyhedron(const Polyhedron &p) {
+- std::ostringstream sstream;
+- sstream.precision(20);
+-
+- Polyhedron_writer writer;
+- generic_print_polyhedron(sstream, p, writer);
+-
+- return sstream.str();
+- }
+-
+- template std::string printPolyhedron(const CGAL_Polyhedron &p);
+-
+ }; // namespace CGALUtils
+
+ #endif /* ENABLE_CGAL */
+diff --git a/src/cgalutils.h b/src/cgalutils.h
+index 21a01cdba6..c08a3aa7df 100644
+--- a/src/cgalutils.h
++++ b/src/cgalutils.h
+@@ -45,7 +45,6 @@ namespace CGALUtils {
+ bool is_approximately_convex(const PolySet &ps);
+ Geometry const* applyMinkowski(const Geometry::Geometries &children);
+
+- template std::string printPolyhedron(const Polyhedron &p);
+ template bool createPolySetFromPolyhedron(const Polyhedron &p, PolySet &ps);
+ template bool createPolyhedronFromPolySet(const PolySet &ps, Polyhedron &p);
+ template
diff --git a/backports/openscad/0004-fix-build-with-cgal-5.4.patch b/backports/openscad/0004-fix-build-with-cgal-5.4.patch
new file mode 100644
index 0000000..f1fedc2
--- /dev/null
+++ b/backports/openscad/0004-fix-build-with-cgal-5.4.patch
@@ -0,0 +1,38 @@
+From abfebc651343909b534ef337aacc7604c99cf0ea Mon Sep 17 00:00:00 2001
+From: Torsten Paul
+Date: Wed, 2 Feb 2022 02:30:59 +0100
+Subject: [PATCH] CGAL build fix, v5.4 renames projection traits header files
+ and classes.
+
+---
+ src/cgalutils-tess.cc | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/src/cgalutils-tess.cc b/src/cgalutils-tess.cc
+index ec1cc1eeb3..37f8cf08b1 100644
+--- a/src/cgalutils-tess.cc
++++ b/src/cgalutils-tess.cc
+@@ -6,10 +6,12 @@
+ #pragma push_macro("NDEBUG")
+ #undef NDEBUG
+ #include
+-#if CGAL_VERSION_NR >= CGAL_VERSION_NUMBER(4,11,0)
+- #include
++#if CGAL_VERSION_NR < 1050401000
++#include
++typedef CGAL::Triangulation_2_filtered_projection_traits_3 Projection;
+ #else
+- #include
++#include
++typedef CGAL::Filtered_projection_traits_3 Projection;
+ #endif
+ #include
+ #pragma pop_macro("NDEBUG")
+@@ -19,7 +21,6 @@ struct FaceInfo {
+ bool in_domain() { return nesting_level%2 == 1; }
+ };
+
+-typedef CGAL::Triangulation_2_filtered_projection_traits_3 Projection;
+ typedef CGAL::Triangulation_face_base_with_info_2 Fbb;
+ typedef CGAL::Triangulation_data_structure_2<
+ CGAL::Triangulation_vertex_base_2,
diff --git a/backports/openscad/0005-fix-boost-join.patch b/backports/openscad/0005-fix-boost-join.patch
new file mode 100644
index 0000000..1347c27
--- /dev/null
+++ b/backports/openscad/0005-fix-boost-join.patch
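Review bot: The version test `#if CGAL_VERSION_NR < 1050401000` in src/cgalutils-tess.cc (0004-fix-build-with-cgal-5.4.patch) uses a bare literal where the line it replaces used the `CGAL_VERSION_NUMBER` macro. Writing it as `#if CGAL_VERSION_NR < CGAL_VERSION_NUMBER(5,4,0)` names the cut-over release directly and should evaluate to the same value. The old 4.11 switch between two headers is removed in the same hunk, which appears to drop the pre-4.11 path, so a one-line comment stating the minimum supported CGAL version would help anyone carrying this backport further.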
@@ -0,0 +1,62 @@
+From 08bf69b4115c989fc5671254e0d05735d01bcca5 Mon Sep 17 00:00:00 2001
+From: Torsten Paul
+Date: Wed, 2 Feb 2022 00:50:43 +0100
+Subject: [PATCH] Fix build issue with overloaded join().
+
+---
+ src/openscad.cc | 11 +++++------
+ 1 file changed, 5 insertions(+), 6 deletions(-)
+
+diff --git a/src/openscad.cc b/src/openscad.cc
+index a6f648d2a2..3c46cda2af 100644
+--- a/src/openscad.cc
++++ b/src/openscad.cc
+@@ -65,7 +65,6 @@
+ #include
+ #include
+ #include
+-#include
+ #include
+ #include
+ #include
+@@ -307,7 +306,7 @@ void set_render_color_scheme(const std::string color_scheme, const bool exit_if_
+ }
+
+ if (exit_if_not_found) {
+- LOG(message_group::None,Location::NONE,"",(boost::join(ColorMap::inst()->colorSchemeNames(), "\n")));
++ LOG(message_group::None,Location::NONE,"",(boost::algorithm::join(ColorMap::inst()->colorSchemeNames(), "\n")));
+
+ exit(1);
+ } else {
+@@ -885,7 +884,7 @@ struct CommaSeparatedVector
+ };
+
+ template
+-std::string join(const Seq &seq, const std::string &sep, const ToString &toString)
++std::string str_join(const Seq &seq, const std::string &sep, const ToString &toString)
+ {
+ return boost::algorithm::join(boost::adaptors::transform(seq, toString), sep);
+ }
+@@ -947,7 +946,7 @@ int main(int argc, char **argv)
+ ("P,P", po::value(), "customizer parameter set")
+ #ifdef ENABLE_EXPERIMENTAL
+ ("enable", po::value>(), ("enable experimental features: " +
+- join(boost::make_iterator_range(Feature::begin(), Feature::end()), " | ",
++ str_join(boost::make_iterator_range(Feature::begin(), Feature::end()), " | ",
+ [](const Feature *feature) {
+ return feature->get_name();
+ }) +
+@@ -964,11 +963,11 @@ int main(int argc, char **argv)
+ ("render", po::value()->implicit_value(""), "for full geometry evaluation when exporting png")
+ ("preview", po::value()->implicit_value(""), "[=throwntogether] -for ThrownTogether preview png")
+ ("animate", po::value(), "export N animated frames")
+- ("view", po::value(), ("=view options: " + boost::join(viewOptions.names(), " | ")).c_str())
++ ("view", po::value(), ("=view options: " + boost::algorithm::join(viewOptions.names(), " | ")).c_str())
+ ("projection", po::value(), "=(o)rtho or (p)erspective when exporting png")
+ ("csglimit", po::value(), "=n -stop rendering at n CSG elements when exporting png")
+ ("colorscheme", po::value(), ("=colorscheme: " +
+- join(ColorMap::inst()->colorSchemeNames(), " | ",
++ str_join(ColorMap::inst()->colorSchemeNames(), " | ",
+ [](const std::string& colorScheme) {
+ return (colorScheme == ColorMap::inst()->defaultColorSchemeName() ? "*" : "") + colorScheme;
+ }) +
diff --git a/backports/openscad/APKBUILD b/backports/openscad/APKBUILD
new file mode 100644
index 0000000..0e037f1
--- /dev/null
+++ b/backports/openscad/APKBUILD
@@ -0,0 +1,143 @@
+# Maintainer: Marian Buschsieweke
+pkgname=openscad
+pkgver=2021.01
+pkgrel=11
+pkgdesc="The programmers solid 3D CAD modeller"
+url="http://openscad.org/"
+# Glew and GLES on ARM don't play well with each other
+arch="all !armv7 !aarch64 !armhf"
+license="GPL-2.0-only"
+subpackages="$pkgname-doc"
+makedepends="
+ bison
+ boost-dev
+ cairo-dev
+ cgal-dev
+ cmake
+ double-conversion-dev
+ eigen-dev
+ flex
+ glew-dev
+ gmp-dev
+ harfbuzz-dev
+ libxml2-dev
+ libzip-dev
+ libspnav-dev
+ mpfr-dev
+ opencsg-dev
+ qscintilla-dev
+ qt5-qtbase-dev
+ qt5-qtmultimedia-dev
+ "
+checkdepends="
+ imagemagick
+ mesa
+ mesa-dri-gallium
+ python3
+ xvfb-run
+ "
+source="
+ https://files.openscad.org/openscad-$pkgver.src.tar.gz
+
+ 0001-fix-CVE-2022-0496.patch
+ 0002-fix-CVE-2022-0497.patch
+ 0003-fix-build-with-cgal-5.3.patch
+ 0004-fix-build-with-cgal-5.4.patch
+ 0005-fix-boost-join.patch
+ "
+
+# Handle tests failing only on some arch's, or building against libs only
+# provided by some arch's.
+case "$CARCH" in
+ x86_64)
+ makedepends="$makedepends lib3mf-dev"
+ export LIB3MF_INCLUDEPATH="/usr/include/lib3mf/Bindings/Cpp"
+ ;;
+ x86)
+ makedepends="$makedepends lib3mf-dev"
+ export LIB3MF_INCLUDEPATH="/usr/include/lib3mf/Bindings/Cpp"
+ _arch_failing_tests="
+ 3mfpngtest_cube10
+ "
+ ;;
+ s390x)
+ _arch_failing_tests="
+ 3mfpngtest_cube10
+ cgalbinstlcgalpngtest_bad-stl-pcbvicebar
+ cgalbinstlcgalpngtest_bad-stl-tardis
+ cgalbinstlcgalpngtest_fn_bug
+ cgalbinstlcgalpngtest_issue1225
+ cgalpngtest_import_3mf-tests
+ csgpngtest_import_3mf-tests
+ opencsgtest_import_3mf-tests
+ throwntogethertest_import_3mf-tests
+ "
+ ;;
+ *)
+ # lib3mf is not available on all other archs
+ _arch_failing_tests="
+ 3mfpngtest_cube10
+ cgalpngtest_import_3mf-tests
+ csgpngtest_import_3mf-tests
+ opencsgtest_import_3mf-tests
+ throwntogethertest_import_3mf-tests
+ "
+ ;;
+esac
+
+# secfixes:
+# 2021.01-r2:
+# - CVE-2022-0496
+# - CVE-2022-0497
+
+build() {
+ qmake-qt5 PREFIX="/usr"
+ make
+}
+
+check() {
+ cd tests
+ # collect failing tests in a way that creates friendly git diffs
+ local failing_tests
+ failing_tests="
+ 3mfexport_3mf-export
+ astdumptest_allexpressions
+ cgalbinstlcgalpngtest_polyhedron-nonplanar-tests
+ cgalpngtest_nef3_broken
+ cgalpngtest_polyhedron-nonplanar-tests
+ cgalstlcgalpngtest_polyhedron-nonplanar-tests
+ csgpngtest_nef3_broken
+ csgpngtest_polyhedron-nonplanar-tests
+ echotest_allexpressions
+ echotest_function-literal-.*
+ lazyunion-.*
+ monotonepngtest_polyhedron-nonplanar-tests
+ opencsgtest_nef3_broken
+ pdfexporttest_centered
+ pdfexporttest_simple-pdf
+ throwntogethertest_nef3_broken
+ $_arch_failing_tests
+ "
+
+ # trim whitespace before and after list and separate expressions by | (regex or)
+ failing_tests="$(echo "$failing_tests" | tr -d '\n' | sed -e 's/^\s*//' -e 's/\s*$//' -e 's/\s\+/|/g')"
+
+ cmake \
+ -DEXPERIMENTAL=OFF \
+ .
+ make
+ xvfb-run ctest -E "$failing_tests"
+}
+
+package() {
+ make INSTALL_ROOT="$pkgdir" install
+}
+
+sha512sums="
+8deaa26bf4c295c12da38f323d2b2e6f827851337f5bc1cc9c79afc083c9f913c19a263086e6e853bf2c8434c1ccc705ea22ddb02dc99d39bb1e5e03fc58d128 openscad-2021.01.src.tar.gz
+369353f13bb6d2bf123af1e25b5f264cd757efa5d0cd8c226a3803a41a0fdb74aff7411ddf91cb394f9cd295e10e05159487fb6e9c2d661280bf060e391bc3da 0001-fix-CVE-2022-0496.patch
+708a491c5a6166bdf92419bce68dbcb4eccbb97ce1880c5a3c919a90ae5af19aa9092e46b81fe8705e8470189d43c4ecad19dece9f1e405681a186c0bd8f5ca4 0002-fix-CVE-2022-0497.patch
+090b8a8e53cc7560695d4065db891a3602923d893d752e3d007a42f2cd32c5f6f444d735d716658fb6f3d979e8cf2489cbff3a58a9070621ab5448a6dbf3372b 0003-fix-build-with-cgal-5.3.patch
+7d3067bcadf5a56b3b21b80f36e8d1fd99047029b86db6803b71760d47a8b199d3485c6486767707273aa57f9a83aaafcb763fe7a1ee295b01a776f7e5db038f 0004-fix-build-with-cgal-5.4.patch
+f0538eb98543a2a15534794f91c35f10d21fe04a8696639a4f08cd98daf63e6efc855b102f41ecb05a1e1bffeecc7c445fcfad7c3a90f32ec28c5a1646863466 0005-fix-boost-join.patch
+"
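Review bot: In check() of the APKBUILD the exclusion list reaches `ctest -E` as an unanchored alternation, so each entry also excludes any test whose name merely contains it. Anchoring the expression, `xvfb-run ctest -E "^($failing_tests)\$"`, keeps the skip list limited to the tests that are named, and the existing `.*` entries continue to work. Because this package carries the CVE-2022-0496 and CVE-2022-0497 backports, it is also worth confirming that none of the excluded tests are the ones that exercise the DXF loader and comment parser; that cannot be determined from the APKBUILD alone.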