diff --git a/fix-cve-2024-6472.patch b/fix-cve-2024-6472.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8155bead37702bcd46cbf81a61d883a4c475f516
--- /dev/null
+++ b/fix-cve-2024-6472.patch
@@ -0,0 +1,36 @@
+From bf31368d3f0619c802a5d22577326e0760482277 Mon Sep 17 00:00:00 2001
+From: Sarper Akdemir <sarper.akdemir@allotropia.de>
+Date: Tue, 27 Aug 2024 16:03:14 +0800
+Subject: [PATCH] fix-cve-2024-6472
+
+---
+ sfx2/source/doc/docmacromode.cxx | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
+index 919033cba..84fe410db 100644
+--- a/sfx2/source/doc/docmacromode.cxx
++++ b/sfx2/source/doc/docmacromode.cxx
+@@ -228,14 +228,17 @@ namespace sfx2
+             // check whether the document is signed with trusted certificate
+             if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
+             {
++                SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState();
++                
+                 // the trusted macro check will also retrieve the signature state ( small optimization )
+                 const SvtSecurityOptions aSecOption;
+                 const bool bAllowUIToAddAuthor = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN
+                                                  && (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE
+-                                                     || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors));
++                                                     || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors))
++                                                 && (nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_WARN
++                                                     || nSignatureState == SignatureState::OK);
+                 const bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUIToAddAuthor);
+ 
+-                SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState();
+                 if ( nSignatureState == SignatureState::BROKEN )
+                 {
+                     if (!bAllowUIToAddAuthor)
+-- 
+2.33.0
+
diff --git a/libreoffice.spec b/libreoffice.spec
index 16bd3a2201c4b322f0ffd8f88aef73a2db804de4..88a417c4e81b8d730588bad035e6498fb11b00f7 100644
--- a/libreoffice.spec
+++ b/libreoffice.spec
@@ -1,4 +1,4 @@
-%define anolis_release .0.1
+%define anolis_release .0.2
 # download path contains version without the last (fourth) digit
 %global libo_version 7.1.8
 # Should contain .alphaX / .betaX, if this is pre-release (actually
@@ -307,6 +307,9 @@ Patch500: 0001-disable-libe-book-support.patch
 Patch1000: 0001-neon-fit-with-older-gnutls.patch
 Patch1001: 1000-skip-failed-tests-for-anolis.patch
 
+#https://github.com/LibreOffice/core/commit/2587dbff640e2443f0800f9c1a865723500de1c5
+Patch1002: fix-cve-2024-6472.patch
+
 %global instdir %{_libdir}
 %global baseinstdir %{instdir}/libreoffice
 %global sdkinstdir %{baseinstdir}/sdk
@@ -1064,6 +1067,7 @@ git commit -q -a -m 'add Anolis colors to palette'
 %if 0%{?anolis}
 %apply_patch -q %{PATCH1000}
 %apply_patch -q %{PATCH1001}
+%apply_patch -q %{PATCH1002}
 %endif
 
 sed -i -e /CppunitTest_sc_array_functions_test/d sc/Module_sc.mk # ppc64le
@@ -2316,6 +2320,9 @@ gtk-update-icon-cache -q %{_datadir}/icons/hicolor &>/dev/null || :
 %{_includedir}/LibreOfficeKit
 
 %changelog
+* Tue Aug 27 2024 yangxinyu <yangxinyu@nfschina.com> 1:7.1.8.1-12.0.1.2
+- fix cve-2024-6472
+
 * Thu May 16 2024 yangxiaoxuan <yangxiaoxuan@openanolis.org> 1:7.1.8.1-12.0.1.1
 - Add configuration file and vemdor for Anolis OS
 - Fit build on Anolis OS 8