diff --git a/0001-fix-CVE-2024-34062.patch b/0001-fix-CVE-2024-34062.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a1cec5f0d7ee218c30fef239ff9f967cf563cc76
--- /dev/null
+++ b/0001-fix-CVE-2024-34062.patch
@@ -0,0 +1,51 @@
+diff --git a/tqdm/cli.py b/tqdm/cli.py
+index 1223d4977..7284f28d5 100644
+--- a/tqdm/cli.py
++++ b/tqdm/cli.py
+@@ -21,23 +21,34 @@ def cast(val, typ):
+ return cast(val, t)
+ except TqdmTypeError:
+ pass
+- raise TqdmTypeError(val + ' : ' + typ)
++ raise TqdmTypeError(f"{val} : {typ}")
+
+ # sys.stderr.write('\ndebug | `val:type`: `' + val + ':' + typ + '`.\n')
+ if typ == 'bool':
+ if (val == 'True') or (val == ''):
+ return True
+- elif val == 'False':
++ if val == 'False':
+ return False
+- else:
+- raise TqdmTypeError(val + ' : ' + typ)
+- try:
+- return eval(typ + '("' + val + '")')
+- except Exception:
+- if typ == 'chr':
+- return chr(ord(eval('"' + val + '"'))).encode()
+- else:
+- raise TqdmTypeError(val + ' : ' + typ)
++ raise TqdmTypeError(val + ' : ' + typ)
++ if typ == 'chr':
++ if len(val) == 1:
++ return val.encode()
++ if re.match(r"^\\\w+$", val):
++ return eval(f'"{val}"').encode()
++ raise TqdmTypeError(f"{val} : {typ}")
++ if typ == 'str':
++ return val
++ if typ == 'int':
++ try:
++ return int(val)
++ except ValueError as exc:
++ raise TqdmTypeError(f"{val} : {typ}") from exc
++ if typ == 'float':
++ try:
++ return float(val)
++ except ValueError as exc:
++ raise TqdmTypeError(f"{val} : {typ}") from exc
++ raise TqdmTypeError(f"{val} : {typ}")
+
+
+ def posix_pipe(fin, fout, delim=b'\\n', buf_size=256,
+
diff --git a/python-tqdm.spec b/python-tqdm.spec
index 223e5ddfdba547ca12639680b2cd9a606625df8e..633a2aee7c8e3679034ad08b68b5eb1973eaf886 100644
--- a/python-tqdm.spec
+++ b/python-tqdm.spec
@@ -1,4 +1,4 @@
-%define anolis_release 2
+%define anolis_release 3
 %global modname tqdm
 %global srcname %{modname}
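Review bot: In the new `chr` branch of the backported cli.py hunk, `eval(f'"{val}"')` is still reached for any value matching `^\\\w+$`, and a malformed escape such as `\x` or `\N` (constructed examples) makes that eval raise SyntaxError, which nothing catches — so a bad command-line value surfaces as a traceback instead of the TqdmTypeError every other branch produces (a lone surrogate like `\ud800` likewise fails later in `.encode()` with a ValueError subclass). The regex confines the eval to a single backslash escape (neither quotes nor spaces match `\w`), so this reads as an error-handling gap rather than a remaining injection path, but `re.match` with `$` also accepts a trailing newline, which the eval then rejects the same way; `re.fullmatch` plus a narrow except around the eval, as below, closes both. Two style points in the same hunk: the `bool` branch keeps the old `val + ' : ' + typ` concatenation while every other new `raise` uses the f-string, and the duplicated `int`/`float` try blocks could share one converter lookup. `cast` begins before the hunk (its recursive list fallback is only partly visible), so whether `re` is already imported in cli.py cannot be confirmed from here. The two spec-file hunks are release/changelog bookkeeping and need no comment.
```python
    if typ == 'chr':
        if len(val) == 1:
            return val.encode()
        if re.fullmatch(r"\\\w+", val):
            try:
                return eval(f'"{val}"').encode()
            except (SyntaxError, ValueError) as exc:
                raise TqdmTypeError(f"{val} : {typ}") from exc
        raise TqdmTypeError(f"{val} : {typ}")
    # … unchanged: str / int / float branches and the final raise …
```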
@@ -16,6 +16,9 @@ License: MPLv2.0 and MIT URL: https://github.com/tqdm/tqdm Source0: %{pypi_source} +# https://github.com/tqdm/tqdm/commit/b53348c73080b4edeb30b4823d1fa0d8d2c06721 +Patch0: 0001-fix-CVE-2024-34062.patch + BuildArch: noarch BuildRequires: python3-devel @@ -62,7 +65,7 @@ BuildArch: noarch The python3-%{modname}-doc package contains documentation files for python3-%{modname}. %prep -%autosetup -n %{modname}-%{version} +%autosetup -n %{modname}-%{version} -p1 chmod -x tqdm/completion.sh # https://github.com/tqdm/tqdm/pull/1292 @@ -102,6 +105,9 @@ install -Dpm0644 \ %doc README.rst examples %changelog +* Wed Nov 20 2024 Zhao Zhiyuan - 4.65.0-3 +- fix CVE-2024-34062 + * Mon Mar 11 2024 Zhao Hang - 4.65.0-2 - Rebuild with python3.11