diff --git a/0001-Fix-man.el-shell-injection-vulnerability.patch b/0001-Fix-man.el-shell-injection-vulnerability.patch
new file mode 100644
index 0000000000000000000000000000000000000000..de964002155097fe3a39f2245ae89860d66b443b
--- /dev/null
+++ b/0001-Fix-man.el-shell-injection-vulnerability.patch
@@ -0,0 +1,57 @@
+From 820f0793f0b46448928905552726c1f1b999062f Mon Sep 17 00:00:00 2001
+From: Xi Lu <lx@shellcodes.org>
+Date: Tue, 10 Oct 2023 22:20:05 +0800
+Subject: [PATCH] Fix man.el shell injection vulnerability
+
+* lisp/man.el (Man-translate-references): Fix shell injection
+vulnerability.  (Bug#66390)
+* test/lisp/man-tests.el (man-tests-Man-translate-references): New
+test.
+---
+ lisp/man.el            |  6 +++++-
+ test/lisp/man-tests.el | 12 ++++++++++++
+ 2 files changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/lisp/man.el b/lisp/man.el
+index 55cb9383bec..d96396483d3 100644
+--- a/lisp/man.el
++++ b/lisp/man.el
+@@ -761,7 +761,11 @@ and the `Man-section-translations-alist' variables)."
+       (setq name (match-string 2 ref)
+ 	    section (match-string 1 ref))))
+     (if (string= name "")
+-	ref				; Return the reference as is
++        ;; see Bug#66390
++	(mapconcat 'identity
++                   (mapcar #'shell-quote-argument
++                           (split-string ref "\\s-+"))
++                   " ")                 ; Return the reference as is
+       (if Man-downcase-section-letters-flag
+ 	  (setq section (downcase section)))
+       (while slist
+diff --git a/test/lisp/man-tests.el b/test/lisp/man-tests.el
+index 140482ee622..11f5f805e43 100644
+--- a/test/lisp/man-tests.el
++++ b/test/lisp/man-tests.el
+@@ -161,6 +161,18 @@ DESCRIPTION
+           (let ((button (button-at (match-beginning 0))))
+             (should (and button (eq 'Man-xref-header-file (button-type button))))))))))
+ 
++(ert-deftest man-tests-Man-translate-references ()
++  (should (equal (Man-translate-references "basename")
++                 "basename"))
++  (should (equal (Man-translate-references "basename(3)")
++                 "3 basename"))
++  (should (equal (Man-translate-references "basename(3v)")
++                 "3v basename"))
++  (should (equal (Man-translate-references ";id")
++                 "\\;id"))
++  (should (equal (Man-translate-references "-k basename")
++                 "-k basename")))
++
+ (provide 'man-tests)
+ 
+ ;;; man-tests.el ends here
+-- 
+2.39.3
+
diff --git a/emacs.spec b/emacs.spec
index a2d38cedc10676db64feb0e2509cd4f8c5125f3b..4782e97f2fad4a0e3b32585fa4dd5adfa2a10b88 100644
--- a/emacs.spec
+++ b/emacs.spec
@@ -1,4 +1,4 @@
-%define anolis_release 1
+%define anolis_release 2
 %global _hardened_build 1
 
 # This file is encoded in UTF-8.  -*- coding: utf-8 -*-
@@ -18,6 +18,7 @@ Source6:       emacs-terminal.sh
 Patch1:        emacs-spellchecker.patch
 Patch2:        emacs-system-crypto-policies.patch
 Patch3:        emacs-libdir-vs-systemd.patch
+Patch4:        0001-Fix-man.el-shell-injection-vulnerability.patch
 
 BuildRequires: gcc
 BuildRequires: atk-devel
@@ -511,6 +512,9 @@ desktop-file-validate %{buildroot}/%{_datadir}/applications/*.desktop
 %{_includedir}/emacs-module.h
 
 %changelog
+* Wed Mar 05 2025 yangjinlin01 <yangjinlin01@inspur.com> - 1:29.4-2
+- fix the CVE-2025-1244
+
 * Fri Nov 08 2024 mgb01105731 <mgb01105731@alibaba-inc.com> - 1:29.4-1
 - update to 29.4
 - fix CVE-2024-30202 CVE-2024-30203 CVE-2024-30204 CVE-2024-30205