diff --git a/backport-doc-od-strings-clarify-operation.patch b/backport-doc-od-strings-clarify-operation.patch
new file mode 100644
index 0000000000000000000000000000000000000000..51b7f0b26890f801f37081c5f5a5f9fb2b042765
--- /dev/null
+++ b/backport-doc-od-strings-clarify-operation.patch
@@ -0,0 +1,51 @@
+From 66ea09b0fecb4fa1e4de78e3738bdbb1442b3f31 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
+Date: Thu, 8 Jun 2023 10:58:10 +0100
+Subject: [PATCH] doc: od --strings: clarify operation
+
+* doc/coreutils.texi (od invocation): Remove mention of ASCII,
+as all printable characters in unibyte locales are output.
+* src/od.c (usage): Clarify that only NUL terminated strings
+are displayed, and that it's printable chars, not only graphic chars
+that are output. I.e., spaces are output also if part of the string.
+Reported at https://bugs.ddebian.org/1037217
+
+Reference:https://github.com/coreutils/coreutils/commit/66ea09b0fecb4fa1e4de78e3738bdbb1442b3f31
+Conflict:NA
+
+---
+ doc/coreutils.texi | 2 +-
+ src/od.c           | 5 ++---
+ 2 files changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/doc/coreutils.texi b/doc/coreutils.texi
+index 6a693e283..e9d7b8eb4 100644
+--- a/doc/coreutils.texi
++++ b/doc/coreutils.texi
+@@ -2058,7 +2058,7 @@ Output at most @var{bytes} bytes of the input.  Prefixes and suffixes on
+ @opindex --strings
+ @cindex string constants, outputting
+ Instead of the normal output, output only @dfn{string constants}: at
+-least @var{bytes} consecutive ASCII graphic characters,
++least @var{bytes} consecutive printable characters,
+ followed by a zero byte (ASCII NUL).
+ Prefixes and suffixes on @var{bytes} are interpreted as for the
+ @option{-j} option.
+diff --git a/src/od.c b/src/od.c
+index 10a28e21f..f68407008 100644
+--- a/src/od.c
++++ b/src/od.c
+@@ -356,9 +356,8 @@ suffixes may be . for octal and b for multiply by 512.\n\
+ "), stdout);
+       fputs (_("\
+   -N, --read-bytes=BYTES      limit dump to BYTES input bytes\n\
+-  -S BYTES, --strings[=BYTES]  output strings of at least BYTES graphic chars;\
+-\n\
+-                                3 is implied when BYTES is not specified\n\
++  -S BYTES, --strings[=BYTES]  show only NUL terminated strings\n\
++                                of at least BYTES (3) printable characters\n\
+   -t, --format=TYPE           select output format or formats\n\
+   -v, --output-duplicates     do not use * to mark line suppression\n\
+   -w[BYTES], --width[=BYTES]  output BYTES bytes per output line;\n\
+-- 
+2.27.0
diff --git a/backport-setenv-Don-t-crash-if-malloc-returns-NULL.patch b/backport-setenv-Don-t-crash-if-malloc-returns-NULL.patch
new file mode 100644
index 0000000000000000000000000000000000000000..97032ea51c5ec97cc4697a96be60e6d5266f77ea
--- /dev/null
+++ b/backport-setenv-Don-t-crash-if-malloc-returns-NULL.patch
@@ -0,0 +1,46 @@
+From 6c9b59a9c20c1422346f74ae3cd558f3317deb6a Mon Sep 17 00:00:00 2001
+From: Bruno Haible <bruno@clisp.org>
+Date: Fri, 2 Jun 2023 20:11:36 +0200
+Subject: [PATCH] setenv: Don't crash if malloc() returns NULL.
+
+* lib/setenv.c (rpl_setenv): Check malloca() return value.
+
+Reference:https://github.com/coreutils/gnulib/commit/6c9b59a9c20c1422346f74ae3cd558f3317deb6a
+Conflict:Changelog Context adaptation
+
+---
+ ChangeLog    | 5 +++++
+ lib/setenv.c | 5 +++++
+ 2 files changed, 10 insertions(+)
+
+diff --git a/ChangeLog b/ChangeLog
+index 98cfffd..771b490 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,8 @@
++2023-06-02  Bruno Haible  <bruno@clisp.org>
++
++        setenv: Don't crash if malloc() returns NULL.
++        * lib/setenv.c (rpl_setenv): Check malloca() return value.
++
+ 2020-03-05  Pádraig Brady  <P@draigBrady.com>
+
+ 	version 8.32
+diff --git a/lib/setenv.c b/lib/setenv.c
+index f0b889969f..22b12fd018 100644
+--- a/lib/setenv.c
++++ b/lib/setenv.c
+@@ -375,6 +375,11 @@ rpl_setenv (const char *name, const char *value, int replace)
+           int saved_errno;
+           size_t len = strlen (value);
+           tmp = malloca (len + 2);
++          if (tmp == NULL)
++            {
++              errno = ENOMEM;
++              return -1;
++            }
+           /* Since leading '=' is eaten, double it up.  */
+           *tmp = '=';
+           memcpy (tmp + 1, value, len + 1);
+-- 
+2.27.0
diff --git a/backport-tac-handle-short-reads-on-input.patch b/backport-tac-handle-short-reads-on-input.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a507c23d8fb038e56215b01a4f1efb2ca5833cef
--- /dev/null
+++ b/backport-tac-handle-short-reads-on-input.patch
@@ -0,0 +1,69 @@
+From 779f34e180fdcabddb24acc2829410ce8ed50fd1 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
+Date: Mon, 31 Jul 2023 12:41:26 +0100
+Subject: [PATCH] tac: handle short reads on input
+
+This can be reproduced by getting the read() above 2G,
+which induces a short read, thus triggering the erroneous failure.
+
+  $ truncate -s 5G 5G
+
+  $ cat 5G | TMPDIR=$PWD tac | wc -c
+  tac: /tmp/tacFt7txA: read error: Illegal seek
+  0
+
+With the fix in place we now get:
+
+  $ cat 5G | TMPDIR=$PWD src/tac | wc -c
+  5368709120
+
+* src/tac.c (tac_seekable): Use full_read() to handle short reads.
+* NEWS: Mention the bug fix.
+Reported at https://bugs.debian.org/1042546
+
+Reference:https://github.com/coreutils/coreutils/commit/779f34e180fdcabddb24acc2829410ce8ed50fd1
+Conflict:NEWS Context adaptation
+
+---
+ NEWS      | 4 ++++
+ src/tac.c | 3 ++-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/NEWS b/NEWS
+index 7f92559..9d83e88 100644
+--- a/NEWS
++++ b/NEWS
+@@ -3,6 +3,10 @@ GNU coreutils NEWS                                    -*- outline -*-
+ * Noteworthy changes in release 8.32 (2020-03-05) [stable]
+
+ ** Bug fixes
++  tac now handles short reads on its input.  Previously it may have exited
++  erroneously, especially with large input files with no separators.
++  [This bug was present in "the beginning".]
++
+   `wc -c` will again correctly update the read offset of inputs.
+   Previously it deduced the size of inputs while leaving the offset unchanged.
+   [bug introduced in coreutils-8.27]
+diff --git a/src/tac.c b/src/tac.c
+index 285f99a74..4c3655895 100644
+--- a/src/tac.c
++++ b/src/tac.c
+@@ -46,6 +46,7 @@ tac -r -s '.\|
+ #include "die.h"
+ #include "error.h"
+ #include "filenamecat.h"
++#include "full-read.h"
+ #include "safe-read.h"
+ #include "stdlib--.h"
+ #include "xbinary-io.h"
+@@ -352,7 +353,7 @@ tac_seekable (int input_fd, char const *file, off_t file_pos)
+           else
+             match_start = past_end;
+ 
+-          if (safe_read (input_fd, G_buffer, read_size) != read_size)
++          if (full_read (input_fd, G_buffer, read_size) != read_size)
+             {
+               error (0, errno, _("%s: read error"), quotef (file));
+               return false;
+-- 
+2.27.0
diff --git a/backport-who-don-t-crash-if-clock-gyrates.patch b/backport-who-don-t-crash-if-clock-gyrates.patch
new file mode 100644
index 0000000000000000000000000000000000000000..c4dfdf6324db5f27aa4b828c81a529b82d9ac072
--- /dev/null
+++ b/backport-who-don-t-crash-if-clock-gyrates.patch
@@ -0,0 +1,48 @@
+From 123d03dca47c4d8e0dc896dd8c5732329e6acffe Mon Sep 17 00:00:00 2001
+From: Paul Eggert <eggert@cs.ucla.edu>
+Date: Sat, 1 Jul 2023 11:31:41 -0700
+Subject: [PATCH] =?UTF-8?q?who:=20don=E2=80=99t=20crash=20if=20clock=20gyr?=
+ =?UTF-8?q?ates?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+* src/who.c (idle_string): Avoid signed integer overflow
+if the superuser messes with the clock in bizarre ways.
+Remove an ‘assume’ that wasn’t correct under this scenario.
+
+Reference:https://github.com/coreutils/coreutils/commit/123d03dca47c4d8e0dc896dd8c5732329e6acffe
+Conflict:Context adaptation
+
+---
+ src/who.c | 9 ++++-----
+ 1 file changed, 4 insertions(+), 5 deletions(-)
+
+diff --git a/src/who.c b/src/who.c
+index 362408a42..cff1b822b 100644
+--- a/src/who.c
++++ b/src/who.c
+@@ -189,17 +189,16 @@ idle_string (time_t when, time_t boottime)
+   if (now == TYPE_MINIMUM (time_t))
+     time (&now);
+ 
+-  if (boottime < when && now - 24 * 60 * 60 < when && when <= now)
++  int seconds_idle;
++  if (boottime < when && when <= now
++      && ! INT_SUBTRACT_WRAPV (now, when, &seconds_idle)
++      && seconds_idle < 24 * 60 * 60)
+     {
+-      int seconds_idle = now - when;
+       if (seconds_idle < 60)
+         return "  .  ";
+       else
+         {
+           static char idle_hhmm[IDLESTR_LEN];
+-          /* FIXME-in-2018: see if this assert is still required in order
+-             to suppress gcc's unwarranted -Wformat-length= warning.  */
+-          assert (seconds_idle / (60 * 60) < 24);
+           sprintf (idle_hhmm, "%02d:%02d",
+                    seconds_idle / (60 * 60),
+                    (seconds_idle % (60 * 60)) / 60);
+-- 
+2.27.0
diff --git a/backport-who-fix-only-theoretical-overflow.patch b/backport-who-fix-only-theoretical-overflow.patch
new file mode 100644
index 0000000000000000000000000000000000000000..e8dafabbd6d0a5ce7d56172f8ee4d28cd21798be
--- /dev/null
+++ b/backport-who-fix-only-theoretical-overflow.patch
@@ -0,0 +1,37 @@
+From 9cbda6e1f8fdd4d7ffae26edcabceb239ed14ece Mon Sep 17 00:00:00 2001
+From: Paul Eggert <eggert@cs.ucla.edu>
+Date: Mon, 31 Jul 2023 11:21:25 -0700
+Subject: [PATCH] who: fix only-theoretical overflow
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Change stzncpy’s implementation to match its comment, in the case
+where SRC + LEN would overflow.  This case never happens in coreutils.
+* src/system.h (stzncpy): Work even if SRC + LEN would overflow.
+
+Reference:https://github.com/coreutils/coreutils/commit/9cbda6e1f8fdd4d7ffae26edcabceb239ed14ece
+Conflict:NA
+
+---
+ src/system.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/system.h b/src/system.h
+index db1a6773b..2d9c47f48 100644
+--- a/src/system.h
++++ b/src/system.h
+@@ -781,8 +781,8 @@ write_error (void)
+ static inline char *
+ stzncpy (char *restrict dest, char const *restrict src, size_t len)
+ {
+-  char const *src_end = src + len;
+-  while (src < src_end && *src)
++  size_t i;
++  for (i = 0; i < len && *src; i++)
+     *dest++ = *src++;
+   *dest = 0;
+   return dest;
+-- 
+2.27.0
+
diff --git a/coreutils.spec b/coreutils.spec
index 7dc7991def8c956d2257d309cf1fcabcf6bdc0b7..c42f5396915001629dacb420509e54de05c04241 100644
--- a/coreutils.spec
+++ b/coreutils.spec
@@ -1,6 +1,6 @@
 Name:       coreutils
 Version:    8.32
-Release:    9
+Release:    10
 License:    GPLv3+
 Summary:    A set of basic GNU tools commonly used in shell scripts
 Url:        https://www.gnu.org/software/coreutils/
@@ -42,6 +42,11 @@ Patch24:   0001-basenc-fix-bug49741-using-wrong-decoding-buffer-leng.patch
 Patch25:   0002-cat-with-E-fix-handling-of-r-n-spanning-buffers.patch
 Patch26:   backport-pr-fix-infinite-loop-when-double-spacing.patch
 Patch27:   backport-wc-ensure-we-update-file-offset.patch
+Patch28:   backport-who-fix-only-theoretical-overflow.patch
+Patch29:   backport-tac-handle-short-reads-on-input.patch
+Patch30:   backport-setenv-Don-t-crash-if-malloc-returns-NULL.patch
+Patch31:   backport-who-don-t-crash-if-clock-gyrates.patch
+Patch32:   backport-doc-od-strings-clarify-operation.patch
 
 Conflicts: filesystem < 3
 # To avoid clobbering installs
@@ -160,6 +165,14 @@ fi
 %{_mandir}/man*/*
 
 %changelog
+* Tue Dec 5 2023 jiangchuangang <jiangchuangang@huawei.com> - 8.32-10
+- sync patches from community
+- add backport-who-fix-only-theoretical-overflow.patch
+      backport-tac-handle-short-reads-on-input.patch
+      backport-setenv-Don-t-crash-if-malloc-returns-NULL.patch
+      backport-who-don-t-crash-if-clock-gyrates.patch
+      backport-doc-od-strings-clarify-operation.patch
+
 * Fri Dec 1 2023 jiangchuangang<jiangchuangang@huawei.com> - 8.32-9
 - sync patches from community
 - add backport-pr-fix-infinite-loop-when-double-spacing.patch