diff --git a/CVE-2019-6461.patch b/CVE-2019-6461.patch
new file mode 100644
index 0000000000000000000000000000000000000000..976d307a9a390737c28e6644fb7ac9e3a4e39863
--- /dev/null
+++ b/CVE-2019-6461.patch
@@ -0,0 +1,14 @@
+diff --git a/src/cairo-arc.c b/src/cairo-arc.c
+index 390397bae..1bde774a4 100644
+--- a/src/cairo-arc.c
++++ b/src/cairo-arc.c
+@@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t	  *cr,
+     if (cairo_status (cr))
+         return;
+ 
+-    assert (angle_max >= angle_min);
++    if (angle_max < angle_min)
++       return;
+ 
+     if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
+ 	angle_max = fmod (angle_max - angle_min, 2 * M_PI);
diff --git a/CVE-2019-6462.patch b/CVE-2019-6462.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8d82d148a009d90812ac0213008be90bec83600f
--- /dev/null
+++ b/CVE-2019-6462.patch
@@ -0,0 +1,13 @@
+diff --git a/src/cairo-arc.c b/src/cairo-arc.c
+index 390397bae..f9249dbeb 100644
+--- a/src/cairo-arc.c
++++ b/src/cairo-arc.c
+@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
+     do {
+ 	angle = M_PI / i++;
+ 	error = _arc_error_normalized (angle);
+-    } while (error > tolerance);
++    } while (error > tolerance && error > __DBL_EPSILON__);
+ 
+     return angle;
+ }
diff --git a/cairo.spec b/cairo.spec
index 4e1105567c74476b7c7d1a5dd9f2a61c1c341a66..1fd72a6dbf1de2c35d4b8478104eaf80ad6e8818 100644
--- a/cairo.spec
+++ b/cairo.spec
@@ -2,7 +2,7 @@
 
 Name:           cairo
 Version:        1.16.0
-Release:        1
+Release:        2
 Summary:        A 2D graphics library
 License:        LGPLv2 or MPLv1.1
 URL:            http://cairographics.org
@@ -12,6 +12,8 @@ Patch0001:	0001-Set-default-LCD-filter-to-FreeType-s-default.patch
 Patch0002:	0002-ft-Use-FT_Done_MM_Var-instead-of-free-when-available.patch
 Patch0003:	0003-cairo-composite_color_glyphs.patch
 Patch0004:	0004-cff-Allow-empty-array-of-operands-for-certain-operat.patch
+Patch6000:      CVE-2019-6461.patch
+Patch6001:      CVE-2019-6462.patch
 
 BuildRequires:  pkgconfig glib2-devel librsvg2-devel
 BuildRequires:  libXrender-devel libX11-devel libpng-devel libxml2-devel
@@ -81,6 +83,9 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
 %{_bindir}/cairo-trace
 
 %changelog
+* Thu Sep 17 2020 zhanaghua <zhanghua40@huawei.com> - 1.16.0-2
+- Fix CVE-2019-6461, CVE-2019-6462
+
 * Mon Jul 13 2020 jinzhimin <jinzhimin2@huawei.com> - 1.16.0-1
 - Version upgrade