diff --git a/NEWS b/NEWS
index 4307c4b1b0..0335fb98e5 100644
--- a/NEWS
+++ b/NEWS
@@ -58,7 +58,9 @@ Changes to build and runtime requirements:
 
 Security related changes:
 
-  [Add security related changes here]
+  CVE-2020-27618: An infinite loop has been fixed in the iconv program when
+  invoked with input containing redundant shift sequences in the IBM1364,
+  IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
 
 The following bugs are resolved with this release:
 
diff --git a/iconv/tst-iconv_prog.sh b/iconv/tst-iconv_prog.sh
index 8298136b7f..d8db7b335c 100644
--- a/iconv/tst-iconv_prog.sh
+++ b/iconv/tst-iconv_prog.sh
@@ -102,12 +102,16 @@ hangarray=(
 "\x00\x80;-c;IBM1161;UTF-8//TRANSLIT//IGNORE"
 "\x00\xdb;-c;IBM1162;UTF-8//TRANSLIT//IGNORE"
 "\x00\x70;-c;IBM12712;UTF-8//TRANSLIT//IGNORE"
-# These are known hangs that are yet to be fixed:
-# "\x00\x0f;-c;IBM1364;UTF-8"
-# "\x00\x0f;-c;IBM1371;UTF-8"
-# "\x00\x0f;-c;IBM1388;UTF-8"
-# "\x00\x0f;-c;IBM1390;UTF-8"
-# "\x00\x0f;-c;IBM1399;UTF-8"
+"\x00\x0f;-c;IBM1364;UTF-8"
+"\x0e\x0e;-c;IBM1364;UTF-8"
+"\x00\x0f;-c;IBM1371;UTF-8"
+"\x0e\x0e;-c;IBM1371;UTF-8"
+"\x00\x0f;-c;IBM1388;UTF-8"
+"\x0e\x0e;-c;IBM1388;UTF-8"
+"\x00\x0f;-c;IBM1390;UTF-8"
+"\x0e\x0e;-c;IBM1390;UTF-8"
+"\x00\x0f;-c;IBM1399;UTF-8"
+"\x0e\x0e;-c;IBM1399;UTF-8"
 "\x00\x53;-c;IBM16804;UTF-8//TRANSLIT//IGNORE"
 "\x00\x41;-c;IBM274;UTF-8//TRANSLIT//IGNORE"
 "\x00\x41;-c;IBM275;UTF-8//TRANSLIT//IGNORE"
diff --git a/iconvdata/ibm1364.c b/iconvdata/ibm1364.c
index 49e7267ab4..521f0825b7 100644
--- a/iconvdata/ibm1364.c
+++ b/iconvdata/ibm1364.c
@@ -158,24 +158,14 @@ enum
 									      \
     if (__builtin_expect (ch, 0) == SO)					      \
       {									      \
-	/* Shift OUT, change to DBCS converter.  */			      \
-	if (curcs == db)						      \
-	  {								      \
-	    result = __GCONV_ILLEGAL_INPUT;				      \
-	    break;							      \
-	  }								      \
+	/* Shift OUT, change to DBCS converter (redundant escape okay).  */   \
 	curcs = db;							      \
 	++inptr;							      \
 	continue;							      \
       }									      \
     if (__builtin_expect (ch, 0) == SI)					      \
       {									      \
-	/* Shift IN, change to SBCS converter.  */			      \
-	if (curcs == sb)						      \
-	  {								      \
-	    result = __GCONV_ILLEGAL_INPUT;				      \
-	    break;							      \
-	  }								      \
+	/* Shift IN, change to SBCS converter (redundant escape okay).  */    \
 	curcs = sb;							      \
 	++inptr;							      \
 	continue;							      \