diff --git a/libytnef-1.5.tar.bz b/libytnef-1.5.tar.bz
new file mode 100644
index 0000000..6bbe1d0
Binary files /dev/null and b/libytnef-1.5.tar.bz differ
diff --git a/libytnef-bufferoverflow.patch b/libytnef-bufferoverflow.patch
new file mode 100644
index 0000000..4498729
--- /dev/null
+++ b/libytnef-bufferoverflow.patch
@@ -0,0 +1,30 @@
+From 492f2ea1326d7825943f48aff31ed0ddc89fd2b7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Wed, 4 Jul 2012 17:04:44 +0200
+Subject: [PATCH] Fix off-by-one error when copying RTF header
+
+The RTF header (RTF_PREBUF) string is copied to temporary buffer. The
+terminating '\0' is never accessed, so it's not needed and cannot be
+written after the allocated buffer.
+
+<http://sourceforge.net/tracker/?func=detail&aid=2949686&group_id=70352&atid=527487>
+<https://bugzilla.redhat.com/show_bug.cgi?id=831322>
+---
+ ytnef.c |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/ytnef.c b/ytnef.c
+index 482ecdc..970c048 100644
+--- a/ytnef.c
++++ b/ytnef.c
+@@ -1328,7 +1328,7 @@ unsigned char *DecompressRTF(variableLength *p, int *size) {
+ 
+     comp_Prebuf.size = strlen(RTF_PREBUF);
+     comp_Prebuf.data = calloc(comp_Prebuf.size, 1);
+-    strcpy(comp_Prebuf.data, RTF_PREBUF);
++    memcpy(comp_Prebuf.data, RTF_PREBUF, comp_Prebuf.size);
+ 
+     src = p->data;
+     in = 0;
+-- 
+1.7.7.6
diff --git a/libytnef.spec b/libytnef.spec
new file mode 100644
index 0000000..b333f23
--- /dev/null
+++ b/libytnef.spec
@@ -0,0 +1,68 @@
+Name:           libytnef
+Version:        1.5
+Release:        1
+Summary:        TNEF Stream Parser Library
+
+Group:          System Environment/Libraries
+License:        GPL+
+URL:            http://ytnef.sf.net
+Source0:        http://dl.sf.net/ytnef/libytnef-1.5.tar.bz
+# fixes potential bufferoverflow
+# rhbz#831322
+Patch0:         libytnef-bufferoverflow.patch
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+
+%description
+TNEF Stream Parser Library, used by "ytnef" to decode TNEF (winmail.dat)
+streams generated by Microsoft Outlook.
+
+
+%package        devel
+Summary:        Development files for %{name}
+Group:          Development/Libraries
+Requires:       %{name} = %{version}-%{release}
+
+%description    devel
+The %{name}-devel package contains libraries and header files for
+developing applications that use %{name}.
+
+
+%prep
+%setup -q
+%patch0 -p1 -b.bufferoverflow
+
+%build
+%configure --disable-static
+make %{?_smp_mflags}
+
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make install DESTDIR=$RPM_BUILD_ROOT includedir=%{_includedir}/%{name}
+find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
+
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+
+%post -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+
+%files
+%defattr(-,root,root,-)
+%doc ChangeLog COPYING
+%{_libdir}/*.so.*
+
+%files devel
+%defattr(-,root,root,-)
+%{_includedir}/%{name}/
+%{_libdir}/*.so
+
+
+%changelog
+* Wen Sep 22 2021 douyan <douyan@kylinos.cn> - 1.5.1-1
+- Init package for openEuler
\ No newline at end of file