diff --git a/backport-CVE-2023-32324.patch b/backport-CVE-2023-32324.patch
new file mode 100644
index 0000000000000000000000000000000000000000..c5c2672964ced0dd90174bf15cd040201ba2de8f
--- /dev/null
+++ b/backport-CVE-2023-32324.patch
@@ -0,0 +1,37 @@
+From fd8bc2d32589d1fd91fe1c0521be2a7c0462109e Mon Sep 17 00:00:00 2001
+From: Zdenek Dohnal
+Date: Thu, 1 Jun 2023 12:04:00 +0200
+Subject: [PATCH] cups/string.c: Return if `size` is 0 (fixes CVE-2023-32324)
+
+Reference:https://github.com/OpenPrinting/cups/commit/fd8bc2d32589d1fd91fe1c0521be2a7c0462109e
+Conflict:NA
+
+---
+ cups/string.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/cups/string.c b/cups/string.c
+index 93cdad1..5def888 100644
+--- a/cups/string.c
++++ b/cups/string.c
+@@ -1,6 +1,7 @@
+ /*
+ * String functions for CUPS.
+ *
++ * Copyright © 2023 by OpenPrinting.
+ * Copyright © 2007-2019 by Apple Inc.
+ * Copyright © 1997-2007 by Easy Software Products.
+ *
+@@ -730,6 +731,9 @@ _cups_strlcpy(char *dst, /* O - Destination string */
+ size_t srclen; /* Length of source string */
+
+
++ if (size == 0)
++ return (0);
++
+ /*
+ * Figure out how much room is needed...
+ */
+--
+2.27.0
+
diff --git a/cups.spec b/cups.spec
index d52fcb82c737a0f9a202fc9b23381215317ec94a..ed6abd86aa24cf678c8af0434ea0db62f5fa20dd 100644
--- a/cups.spec
+++ b/cups.spec
@@ -1,7 +1,7 @@
 Name: cups
 Epoch: 1
 Version: 2.2.13
-Release: 13
+Release: 14
 Summary: CUPS is the standards-based, open source printing system for linux operating systems.
 License: GPLv2+ and LGPLv2+ with exceptions and AML
 Url: http://www.cups.org/
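Review bot: The added `if (size == 0) return (0);` in `_cups_strlcpy` has no comment and returns before `dst` is written, so after a zero-size call the destination is not guaranteed to be NUL-terminated and the return value 0 looks the same as copying an empty source. I would document that on the guard, e.g. `/* No room even for the terminator: leave dst untouched, report 0 bytes */`, and repeat it in the function's header comment, which lies outside this hunk. The code the guard protects (presumably the size arithmetic after the "Figure out how much room is needed" comment) is also outside the hunk, so call sites that compute `size` as remaining buffer space are worth checking against this contract when the backport is applied.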
@@ -38,6 +38,7 @@ Patch6001: backport-to-make-sure-service-start-in-the-right-order.patch
 Patch6002: backport-CVE-2022-26691.patch
 #Partial backport of 82e3ee0e3230287b76a76fb8f16b92ca6e50b444
 Patch6003: CVE-2019-8842.patch
+Patch6004: backport-CVE-2023-32324.patch
 
 Provides: cupsddk cupsddk-drivers cups-filesystem cups-client cups-ipptool cups-lpd
 Provides: lpd lpr /usr/bin/lpq /usr/bin/lpr /usr/bin/lp /usr/bin/cancel /usr/bin/lprm /usr/bin/lpstat
@@ -332,6 +333,9 @@ rm -f %{_exec_prefix}/lib/cups/backend/smb
 %doc %{_datadir}/%{name}/www/apple-touch-icon.png
 
 %changelog
+* Sat Jun 3 2023 zhouwenpei - 1:2.2.13-14
+- fix CVE-2023-32324
+
 * Fri Mar 17 2023 zhangpan 2.2.13-13
 - DESC:enable test
 