diff --git a/CVE-2018-20969-and-CVE-2019-13638.patch b/CVE-2018-20969-and-CVE-2019-13638.patch
new file mode 100644
index 0000000..4c665de
--- /dev/null
+++ b/CVE-2018-20969-and-CVE-2019-13638.patch
@@ -0,0 +1,42 @@
+From 3fcd042d26d70856e826a42b5f93dc4854d80bf0 Fri Apr 06 20:50:06 2018
+From: Andreas Gruenbacher <agruen@gnu.org>
+Date: Fri, 06 Apr 2018 19:36:15 +0200
+Subject: [PATCH] Invoke ed directly instead of using the shell
+* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
+command to avoid quoting vulnerabilities.
+
+fix CVE-2019-13638  CVE-2018-20969
+
+https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0
+
+---
+ src/pch.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/pch.c b/src/pch.c
+index a602cbb..250308d 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -2471,9 +2471,6 @@ do_ed_script (char const *inname, char const *outname,
+            *outname_needs_removal = true;
+            copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+          }
+-       sprintf (buf, "%s %s%s", editor_program,
+-                verbosity == VERBOSE ? "" : "- ",
+-                outname);
+        fflush (stdout);
+
+        pid = fork();
+@@ -2482,7 +2479,8 @@ do_ed_script (char const *inname, char const *outname,
+        else if (pid == 0)
+          {
+            dup2 (tmpfd, 0);
+-           execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
++           assert (outname[0] != '!' && outname[0] != '-');
++           execlp (editor_program, editor_program, "-", outname, (char  *) NULL);
+            _exit (2);
+          }
+        else
+--
+1.8.3.1
+
diff --git a/patch.spec b/patch.spec
index 932e93e..7a9555e 100644
--- a/patch.spec
+++ b/patch.spec
@@ -1,6 +1,6 @@
 Name:		patch
 Version:	2.7.6
-Release:	7
+Release:	9
 Summary:	Utiliity which applies a patch file to original files.
 License:	GPLv3+
 URL:	 	http://www.gnu.org/software/patch/patch.html
@@ -12,6 +12,7 @@ Patch6001: 	Fix-check-of-return-value-of-fwrite.patch
 Patch6002: 	Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
 Patch6003: 	Don-t-leak-temporary-file-on-failed-multi-file-ed-st.patch
 Patch6004: 	Fix-swapping-fake-lines-in-pch_swap.patch
+Patch6005:      CVE-2018-20969-and-CVE-2019-13638.patch
 
 BuildRequires:	gcc libselinux-devel libattr-devel ed
 Buildroot:	%{_tmppath}/%{name}-%{version}-%{release}-root-root
@@ -54,6 +55,18 @@ make check
 %{_mandir}/man1/*
 
 %changelog
+* Mon Dec 23 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.7.6-9
+- Type:NA
+- ID:NA
+- SUG:NA
+- DESC:modify email adress
+
+* Mon Dec 16 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.7.6-8
+- Type:CVE
+- ID:NA
+- SUG:NA
+- DESC:fix CVE-2018-20969 CVE-2019-13638
+
 * Mon Oct 21 2019 shenyangyang <shenyangyang4@huawei.com> - 2.7.6-7
 - Type:NA
 - ID:NA