diff --git a/.glib2.spec.swp b/.glib2.spec.swp
new file mode 100644
index 0000000000000000000000000000000000000000..c2e96268da6e252619cbe34ab37ccc6d039fd0e4
Binary files /dev/null and b/.glib2.spec.swp differ
diff --git a/CVE-2025-7039.patch b/CVE-2025-7039.patch
new file mode 100644
index 0000000000000000000000000000000000000000..5cec29bf6481b2755e049ce29452d2d69ede04d1
--- /dev/null
+++ b/CVE-2025-7039.patch
@@ -0,0 +1,42 @@
+From 61e963284889ddb4544e6f1d5261c16120f6fcc3 Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro@redhat.com>
+Date: Tue, 1 Jul 2025 10:58:07 -0500
+Subject: [PATCH] gfileutils: fix computation of temporary file name
+
+We need to ensure that the value we use to index into the letters array
+is always positive.
+
+Fixes #3716
+---
+ glib/gfileutils.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/glib/gfileutils.c b/glib/gfileutils.c
+index c7d3339d1..286b1b154 100644
+--- a/glib/gfileutils.c
++++ b/glib/gfileutils.c
+@@ -1538,9 +1538,9 @@ get_tmp_file (gchar            *tmpl,
+   static const char letters[] =
+     "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+   static const int NLETTERS = sizeof (letters) - 1;
+-  gint64 value;
+-  gint64 now_us;
+-  static int counter = 0;
++  guint64 value;
++  guint64 now_us;
++  static guint counter = 0;
+ 
+   g_return_val_if_fail (tmpl != NULL, -1);
+ 
+@@ -1559,7 +1559,7 @@ get_tmp_file (gchar            *tmpl,
+ 
+   for (count = 0; count < 100; value += 7777, ++count)
+     {
+-      gint64 v = value;
++      guint64 v = value;
+ 
+       /* Fill in the random bits.  */
+       XXXXXX[0] = letters[v % NLETTERS];
+-- 
+2.20.1
+
diff --git a/glib2.spec b/glib2.spec
index 66b3b9057a1fdd78242bb4918294fd152b41f6a6..ab132e2a74aaeaa33da99b508f509782cc94d85c 100644
--- a/glib2.spec
+++ b/glib2.spec
@@ -2,7 +2,7 @@
 
 Name:           glib2
 Version:        2.84.4
-Release:        1
+Release:        2
 Summary:        The core library that forms the basis for projects such as GTK+ and GNOME
 License:        LGPL-2.1-or-later
 URL:            https://www.gtk.org
@@ -11,6 +11,7 @@ Source0:        https://download.gnome.org/sources/glib/2.84/glib-%{version}.tar
 Patch1:  gspawn-eperm.patch
 Patch3:  gio-fix-filesystem-type-ext-err.patch
 Patch4:  Correct-translation-information.patch
+Patch5:  CVE-2025-7039.patch
 
 BuildRequires: gcc gettext
 BuildRequires: meson >= 1.4.0
@@ -233,6 +234,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
 %{_docdir}/g*-2.0
 
 %changelog
+* Tue Sep 02 2025 Yu Peng <yupeng@kylinos.cn> - 2.84.4-2
+- Fix CVE-2025-7039
+
 * Sat Aug 09 2025 Funda Wang <fundawang@yeah.net> - 2.84.4-1
 - update to 2.84.4