diff --git a/backport-CVE-2024-50602-testcase.patch b/backport-CVE-2024-50602-testcase.patch
deleted file mode 100644
index 2523ba331ca9ae9a03aebba62245cef8acb8899d..0000000000000000000000000000000000000000
--- a/backport-CVE-2024-50602-testcase.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-From b3836ff534c7cc78128fe7b935aad3d4353814ed Mon Sep 17 00:00:00 2001
-From: Sebastian Pipping
-Date: Sun, 20 Oct 2024 23:24:27 +0200
-Subject: [PATCH 3/3] tests: Cover XML_StopParser's new handling of status
- XML_INITIALIZED
-
-Prior to the fix to XML_StopParser, test test_misc_resumeparser_not_crashing
-would crash with a NULL pointer dereference in function normal_updatePosition.
-This was the AddressSanitizer output:
-
-> AddressSanitizer:DEADLYSIGNAL
-> =================================================================
-> ==19700==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x5623e07ad85f bp 0x7ffcf40da650 sp 0x7ffcf40da590 T0)
-> ==19700==The signal is caused by a READ memory access.
-> ==19700==Hint: address points to the zero page.
-> #0 0x5623e07ad85f in normal_updatePosition [..]/lib/xmltok_impl.c:1781:13
-> #1 0x5623e07a52ff in initUpdatePosition [..]/lib/xmltok.c:1031:3
-> #2 0x5623e0762760 in XML_ResumeParser [..]/lib/xmlparse.c:2297:3
-> #3 0x5623e074f7c1 in test_misc_resumeparser_not_crashing() misc_tests_cxx.cpp
-> #4 0x5623e074e228 in srunner_run_all ([..]/build_asan_fuzzers/tests/runtests_cxx+0x136228)
-> #5 0x5623e0753d2d in main ([..]/build_asan_fuzzers/tests/runtests_cxx+0x13bd2d)
-> #6 0x7f802a39af79 (/lib64/libc.so.6+0x25f79)
-> #7 0x7f802a39b034 in __libc_start_main (/lib64/libc.so.6+0x26034)
-> #8 0x5623e064f340 in _start ([..]/build_asan_fuzzers/tests/runtests_cxx+0x37340)
->
-> AddressSanitizer can not provide additional info.
-> SUMMARY: AddressSanitizer: SEGV [..]/lib/xmltok_impl.c:1781:13 in normal_updatePosition
-> ==19700==ABORTING
-
-And this the UndefinedBehaviorSanitizer output:
-
-> [..]/lib/xmltok_impl.c:1781:13: runtime error: load of null pointer of type 'const char'
-> SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior [..]/lib/xmltok_impl.c:1781:13 in
----
- tests/misc_tests.c | 24 ++++++++++++++++++++++++
- 1 file changed, 24 insertions(+)
-
-diff --git a/tests/misc_tests.c b/tests/misc_tests.c
-index 2ee9320..1766e41 100644
---- a/tests/misc_tests.c
-+++ b/tests/misc_tests.c
-@@ -496,6 +496,28 @@ START_TEST(test_misc_char_handler_stop_without_leak) {
- }
- END_TEST
-
-+START_TEST(test_misc_resumeparser_not_crashing) {
-+ XML_Parser parser = XML_ParserCreate(NULL);
-+ XML_GetBuffer(parser, 1);
-+ XML_StopParser(parser, /*resumable=*/XML_TRUE);
-+ XML_ResumeParser(parser); // could crash here, previously
-+ XML_ParserFree(parser);
-+}
-+END_TEST
-+
-+START_TEST(test_misc_stopparser_rejects_unstarted_parser) {
-+ const XML_Bool cases[] = {XML_TRUE, XML_FALSE};
-+ for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
-+ const XML_Bool resumable = cases[i];
-+ XML_Parser parser = XML_ParserCreate(NULL);
-+ assert_true(XML_GetErrorCode(parser) == XML_ERROR_NONE);
-+ assert_true(XML_StopParser(parser, resumable) == XML_STATUS_ERROR);
-+ assert_true(XML_GetErrorCode(parser) == XML_ERROR_NOT_STARTED);
-+ XML_ParserFree(parser);
-+ }
-+}
-+END_TEST
-+
- void
- make_miscellaneous_test_case(Suite *s) {
- TCase *tc_misc = tcase_create("miscellaneous tests");
-@@ -520,4 +542,6 @@ make_miscellaneous_test_case(Suite *s) {
- test_misc_create_external_entity_parser_with_null_context);
- tcase_add_test(tc_misc, test_misc_general_entities_support);
- tcase_add_test(tc_misc, test_misc_char_handler_stop_without_leak);
-+ tcase_add_test(tc_misc, test_misc_resumeparser_not_crashing);
-+ tcase_add_test(tc_misc, test_misc_stopparser_rejects_unstarted_parser);
- }
---
-2.27.0
-
diff --git a/backport-CVE-2024-50602.patch b/backport-CVE-2024-50602.patch
deleted file mode 100644
index e5e9307788a1a654f34b74ffe2aff47b86d79b38..0000000000000000000000000000000000000000
--- a/backport-CVE-2024-50602.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-From 51c7019069b862e88d94ed228659e70bddd5de09 Mon Sep 17 00:00:00 2001
-From: Sebastian Pipping
-Date: Mon, 21 Oct 2024 01:42:54 +0200
-Subject: [PATCH 1/3] lib: Make XML_StopParser refuse to stop/suspend an
- unstarted parser
----
- lib/expat.h | 4 +++-
- lib/xmlparse.c | 11 ++++++++++-
- 2 files changed, 13 insertions(+), 2 deletions(-)
-
-diff --git a/lib/expat.h b/lib/expat.h
-index 504727a..3a9ac2c 100644
---- a/lib/expat.h
-+++ b/lib/expat.h
-@@ -127,7 +127,9 @@ enum XML_Error {
- /* Added in 2.3.0. */
- XML_ERROR_NO_BUFFER,
- /* Added in 2.4.0. */
-- XML_ERROR_AMPLIFICATION_LIMIT_BREACH
-+ XML_ERROR_AMPLIFICATION_LIMIT_BREACH,
-+ /* Added in 2.6.4. */
-+ XML_ERROR_NOT_STARTED,
- };
-
- enum XML_Content_Type {
-diff --git a/lib/xmlparse.c b/lib/xmlparse.c
-index 75cb51d..e13b2bf 100644
---- a/lib/xmlparse.c
-+++ b/lib/xmlparse.c
-@@ -2208,6 +2208,9 @@ XML_StopParser(XML_Parser parser, XML_Bool resumable) {
- if (parser == NULL)
- return XML_STATUS_ERROR;
- switch (parser->m_parsingStatus.parsing) {
-+ case XML_INITIALIZED:
-+ parser->m_errorCode = XML_ERROR_NOT_STARTED;
-+ return XML_STATUS_ERROR;
- case XML_SUSPENDED:
- if (resumable) {
- parser->m_errorCode = XML_ERROR_SUSPENDED;
-@@ -2218,7 +2221,7 @@ XML_StopParser(XML_Parser parser, XML_Bool resumable) {
- case XML_FINISHED:
- parser->m_errorCode = XML_ERROR_FINISHED;
- return XML_STATUS_ERROR;
-- default:
-+ case XML_PARSING:
- if (resumable) {
- #ifdef XML_DTD
- if (parser->m_isParamEntity) {
-@@ -2229,6 +2232,9 @@ XML_StopParser(XML_Parser parser, XML_Bool resumable) {
- parser->m_parsingStatus.parsing = XML_SUSPENDED;
- } else
- parser->m_parsingStatus.parsing = XML_FINISHED;
-+ break;
-+ default:
-+ assert(0);
- }
- return XML_STATUS_OK;
- }
-@@ -2493,6 +2499,9 @@ XML_ErrorString(enum XML_Error code) {
- case XML_ERROR_AMPLIFICATION_LIMIT_BREACH:
- return XML_L(
- "limit on input amplification factor (from DTD and entities) breached");
-+ /* Added in 2.6.4. 
*/
-+ case XML_ERROR_NOT_STARTED:
-+ return XML_L("parser not started");
- }
- return NULL;
- }
---
-2.27.0
diff --git a/expat-2.6.3.tar.xz b/expat-2.6.3.tar.xz
deleted file mode 100644
index f7d463566a03b68031e03c534f2bb84849098240..0000000000000000000000000000000000000000
Binary files a/expat-2.6.3.tar.xz and /dev/null differ
diff --git a/expat-2.6.4.tar.xz b/expat-2.6.4.tar.xz
new file mode 100644
index 0000000000000000000000000000000000000000..8a6d88e008652fe9168b8c4614974e91e475b59d
Binary files /dev/null and b/expat-2.6.4.tar.xz differ
diff --git a/expat.spec b/expat.spec
index d46dd9f53ba266a9abfb1b3d5fb189c4cd903063..9d7bdcdc79c66d3ed35599f75dc40d4a037871ba 100644
--- a/expat.spec
+++ b/expat.spec
@@ -1,15 +1,12 @@
 %define Rversion %(echo %{version} | sed -e 's/\\./_/g' -e 's/^/R_/')
 Name: expat
-Version: 2.6.3
-Release: 2
+Version: 2.6.4
+Release: 1
 Summary: An XML parser library
 License: MIT
 URL: https://libexpat.github.io/
 Source0: https://github.com/libexpat/libexpat/releases/download/%{Rversion}/expat-%{version}.tar.xz
-Patch001: backport-CVE-2024-50602.patch
-Patch002: backport-CVE-2024-50602-testcase.patch
-
 BuildRequires: sed,autoconf,automake,gcc-c++,libtool,xmlto,make
 BuildRequires: cmake-rpm-macros
@@ -65,6 +62,9 @@ rm -fv %{buildroot}%{_datadir}/doc/%{name}/changelog
 %{_mandir}/man1/*
 %changelog
+* Sat Nov 09 2024 Funda Wang - 2.6.4-1
+- update to 2.6.4
+
 * Tue Oct 29 2024 liningjie - 2.6.3-2
 - fix CVE-2024-50602
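Review bot: The new changelog entry `- update to 2.6.4` does not record that the rebase is what now carries the CVE-2024-50602 fix previously supplied by `Patch001`/`Patch002`, so anyone grepping this spec's changelog for the CVE finds only the 2.6.3-2 entry and could read the patch removal in the first hunk as a regression. The deleted backport itself marks `XML_ERROR_NOT_STARTED` as `/* Added in 2.6.4. */`, which supports dropping the patches, but the changelog should say so explicitly: `- drop backport-CVE-2024-50602 patches, fix is included upstream in 2.6.4`. It would also be worth confirming during review that the new `expat-2.6.4.tar.xz` matches upstream's published checksum or signature, since no source verification is visible in this spec hunk.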