diff --git a/1-bugfix-for-CVE-2025-3887.patch b/1-bugfix-for-CVE-2025-3887.patch
deleted file mode 100644
index dc9deff2e7a79c54c8192e25767bc269232cb194..0000000000000000000000000000000000000000
--- a/1-bugfix-for-CVE-2025-3887.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-diff -up a/subprojects/gst-plugins-bad/gst-libs/gst/codecparsers/gsth265parser.c b/subprojects/gst-plugins-bad/gst-libs/gst/codecparsers/gsth265parser.c
---- a/subprojects/gst-plugins-bad/gst-libs/gst/codecparsers/gsth265parser.c	2025-01-06 20:48:08.000000000 +0100
-+++ b/subprojects/gst-plugins-bad/gst-libs/gst/codecparsers/gsth265parser.c	2025-05-22 10:53:03.155734020 +0200
-@@ -72,6 +72,8 @@
- #include <string.h>
- #include <math.h>
- 
-+#define MAX_DPB_SIZE 16
-+
- #ifndef GST_DISABLE_GST_DEBUG
- #define GST_CAT_DEFAULT gst_h265_debug_category_get()
- static GstDebugCategory *
-@@ -1897,7 +1899,7 @@ gst_h265_parse_vps (GstH265NalUnit * nal
-   for (i =
-       (vps->sub_layer_ordering_info_present_flag ? 0 :
-           vps->max_sub_layers_minus1); i <= vps->max_sub_layers_minus1; i++) {
--    READ_UE_MAX (&nr, vps->max_dec_pic_buffering_minus1[i], G_MAXUINT32 - 1);
-+    READ_UE_MAX (&nr, vps->max_dec_pic_buffering_minus1[i], MAX_DPB_SIZE - 1);
-     READ_UE_MAX (&nr, vps->max_num_reorder_pics[i],
-         vps->max_dec_pic_buffering_minus1[i]);
-     READ_UE_MAX (&nr, vps->max_latency_increase_plus1[i], G_MAXUINT32 - 1);
-@@ -2084,7 +2086,7 @@ gst_h265_parse_sps (GstH265Parser * pars
-   for (i =
-       (sps->sub_layer_ordering_info_present_flag ? 0 :
-           sps->max_sub_layers_minus1); i <= sps->max_sub_layers_minus1; i++) {
--    READ_UE_MAX (&nr, sps->max_dec_pic_buffering_minus1[i], 16);
-+    READ_UE_MAX (&nr, sps->max_dec_pic_buffering_minus1[i], MAX_DPB_SIZE - 1);
-     READ_UE_MAX (&nr, sps->max_num_reorder_pics[i],
-         sps->max_dec_pic_buffering_minus1[i]);
-     READ_UE_MAX (&nr, sps->max_latency_increase_plus1[i], G_MAXUINT32 - 1);
-@@ -2813,6 +2815,8 @@ gst_h265_parser_parse_slice_hdr (GstH265
-       READ_UINT8 (&nr, slice->colour_plane_id, 2);
- 
-     if (!GST_H265_IS_NAL_TYPE_IDR (nalu->type)) {
-+      const GstH265ShortTermRefPicSet *ref_pic_sets = NULL;
-+
-       READ_UINT16 (&nr, slice->pic_order_cnt_lsb,
-           (sps->log2_max_pic_order_cnt_lsb_minus4 + 4));
- 
-@@ -2829,24 +2833,56 @@ gst_h265_parser_parse_slice_hdr (GstH265
-         slice->short_term_ref_pic_set_size =
-             (nal_reader_get_pos (&nr) - pos) -
-             (8 * (nal_reader_get_epb_count (&nr) - epb_pos));
-+
-+        ref_pic_sets = &slice->short_term_ref_pic_sets;
-       } else if (sps->num_short_term_ref_pic_sets > 1) {
-         /*  7.4.7.1 short_term_ref_pic_set_idx */
-         const guint n = gst_util_ceil_log2 (sps->num_short_term_ref_pic_sets);
-         READ_UINT8 (&nr, slice->short_term_ref_pic_set_idx, n);
-         CHECK_ALLOWED_MAX (slice->short_term_ref_pic_set_idx,
-             sps->num_short_term_ref_pic_sets - 1);
-+        ref_pic_sets =
-+            &sps->short_term_ref_pic_set[slice->short_term_ref_pic_set_idx];
-+      } else {
-+        ref_pic_sets = &sps->short_term_ref_pic_set[0];
-       }
- 
-       if (sps->long_term_ref_pics_present_flag) {
-         guint32 limit;
-         guint pos = nal_reader_get_pos (&nr);
-         guint epb_pos = nal_reader_get_epb_count (&nr);
-+        gint max_num_long_term_pics = 0;
-+        gint TwoVersionsOfCurrDecPicFlag = 0;
- 
--        if (sps->num_long_term_ref_pics_sps > 0)
-+        if (sps->num_long_term_ref_pics_sps > 0) {
-           READ_UE_MAX (&nr, slice->num_long_term_sps,
-               sps->num_long_term_ref_pics_sps);
-+        }
-+
-+        /* 7.4.3.3.3 */
-+        if (pps->pps_scc_extension_flag &&
-+            pps->pps_scc_extension_params.pps_curr_pic_ref_enabled_flag &&
-+            (sps->sample_adaptive_offset_enabled_flag ||
-+                !pps->deblocking_filter_disabled_flag ||
-+                pps->deblocking_filter_override_enabled_flag)) {
-+          TwoVersionsOfCurrDecPicFlag = 1;
-+        }
-+
-+        /* Calculated upper bound num_long_term_pics can have. 7.4.7.1 */
-+        max_num_long_term_pics =
-+            /* sps_max_dec_pic_buffering_minus1[TemporalId], allowed max is
-+             * MaxDpbSize - 1 */
-+            MAX_DPB_SIZE - 1
-+            - (gint) slice->num_long_term_sps
-+            - (gint) ref_pic_sets->NumNegativePics
-+            - (gint) ref_pic_sets->NumPositivePics -
-+            TwoVersionsOfCurrDecPicFlag;
-+        if (max_num_long_term_pics < 0) {
-+          GST_WARNING ("Invalid stream, too many reference pictures");
-+          goto error;
-+        }
- 
--        READ_UE_MAX (&nr, slice->num_long_term_pics, 16);
-+        READ_UE_MAX (&nr, slice->num_long_term_pics, max_num_long_term_pics);
-         limit = slice->num_long_term_sps + slice->num_long_term_pics;
-         for (i = 0; i < limit; i++) {
-           if (i < slice->num_long_term_sps) {
diff --git a/gst-plugins-bad-free-1.24.10.tar.xz b/gst-plugins-bad-free-1.26.4.tar.xz
similarity index 49%
rename from gst-plugins-bad-free-1.24.10.tar.xz
rename to gst-plugins-bad-free-1.26.4.tar.xz
index 4a13d71115d463878751eb019686ad0395f655f3..7c80e169abbe5c4549f8e5ffa4f931f4c7ce7f68 100644
Binary files a/gst-plugins-bad-free-1.24.10.tar.xz and b/gst-plugins-bad-free-1.26.4.tar.xz differ
diff --git a/gstreamer1-plugins-bad-free.spec b/gstreamer1-plugins-bad-free.spec
index 98337a1dc36eb4af85187f2e2dc5a9d1e5971f98..e9313ad43f34eef31876069081e296d2f10f7d02 100644
--- a/gstreamer1-plugins-bad-free.spec
+++ b/gstreamer1-plugins-bad-free.spec
@@ -1,10 +1,10 @@
-%define         anolis_release  2
+%define         anolis_release  1
 %global         majorminor 1.0
 %global         _gobject_introspection  1.31.1
 %bcond_with extras
 
 Name:           gstreamer1-plugins-bad-free
-Version:        1.24.10
+Version:        1.26.4
 Release:        %{anolis_release}%{?dist}
 Summary:        GStreamer streaming media framework "bad" plugins
 
@@ -19,7 +19,6 @@ URL:            http://gstreamer.freedesktop.org/
 Source0:        gst-plugins-bad-free-%{version}.tar.xz
 Source1:        gst-p-bad-cleanup.sh
 
-Patch1: 1-bugfix-for-CVE-2025-3887.patch
 BuildRequires:  gcc-c++ meson >= 0.48.0
 BuildRequires:  check
 BuildRequires:  glslc
@@ -266,13 +265,22 @@ This package contains the documentation for the plug-ins.
     %{!?with_extras:-D musepack=disabled } \
     -D svthevcenc=disabled -D voaacenc=disabled \
     -D zxing=disabled -D wpe=disabled -D x11=disabled \
-    %{!?with_extras:-D ldac=disabled } 		\
-    %{!?with_extras:-D qroverlay=disabled } 		\
+    %{!?with_extras:-D ldac=disabled } \
+    %{!?with_extras:-D qroverlay=disabled } \
     -D gs=disabled -D isac=disabled \
     -D onnx=disabled -D openaptx=disabled -Dgpl=enabled \
     -D amfcodec=disabled -D directshow=disabled -D qsv=disabled \
     %{!?with_webrtcdsp:-D webrtcdsp=disabled } \
-    -D aja=disabled -D qt6d3d11=disabled
+    -D aja=disabled -D qt6d3d11=disabled \
+    -D cuda-nvmm=disabled -D cuda-nvmm-include-path=disabled \
+    -D androidmedia=disabled \
+    -D lcevcdecoder=disabled -D lcevcencoder=disabled \
+    -D nvcomp=disabled \
+    -D nvcomp-sdk-path=disabled \
+    -D nvds-include-path=disabled \
+    -D nvds-lib-path=disabled \
+    -D nvdswrapper=disabled \
+    -D svtjpegxs=disabled
 
 %meson_build
 
@@ -456,6 +464,7 @@ EOF
 %{_libdir}/gstreamer-%{majorminor}/libgstlv2.so
 %{_libdir}/gstreamer-%{majorminor}/libgstttmlsubs.so
 %endif
+%{_libdir}/gstreamer-%{majorminor}/libgsttensordecoders.so
 
 #debugging plugin
 %{_libdir}/gstreamer-%{majorminor}/libgstdebugutilsbad.so
@@ -548,6 +557,10 @@ EOF
 %doc docs/*
 
 %changelog
+* Fri Jul 25 2025 tomcruiseqi <tomcruiseqi@inspur.com> - 1.26.4-1
+- Update to 1.26.4 to fix CVE-2025-6663
+- CVE-2025-3887 has been fixed in this release, remove the patch
+
 * Fri Jul 04 2025 tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> - 1.24.10-2
 - Fix CVE-2025-3887