diff --git a/0084-release-branch.go1.18-net-http-update-bundled-golang.patch b/0084-release-branch.go1.18-net-http-update-bundled-golang.patch
new file mode 100644
index 0000000000000000000000000000000000000000..45e51ee3a83eb311559dbfe0e1b7e6379bc140e5
--- /dev/null
+++ b/0084-release-branch.go1.18-net-http-update-bundled-golang.patch
@@ -0,0 +1,75 @@
+From 8d2cac9ac54ae7278bc5979a824f1278e124fc70 Mon Sep 17 00:00:00 2001
+From: Damien Neil <dneil@google.com>
+Date: Wed, 30 Nov 2022 16:37:07 -0500
+Subject: [PATCH] [release-branch.go1.18] net/http: update bundled
+ golang.org/x/net/http2
+
+Disable cmd/internal/moddeps test, since this update includes PRIVATE
+track fixes.
+
+For #56350
+For #57008
+Fixes CVE-2022-41717
+
+Change-Id: I31ebd2b9ae190ef6f7646187103ea1c8a713ff2e
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1663833
+Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
+Reviewed-by: Julie Qiu <julieqiu@google.com>
+Reviewed-on: https://go-review.googlesource.com/c/go/+/455361
+Run-TryBot: Jenny Rakoczy <jenny@golang.org>
+Reviewed-by: Michael Pratt <mpratt@google.com>
+TryBot-Result: Gopher Robot <gobot@golang.org>
+
+Conflict:NA
+Reference:https://go-review.googlesource.com/c/go/+/455361
+---
+ src/net/http/h2_bundle.go | 18 +++++++++++-------
+ 1 file changed, 11 insertions(+), 7 deletions(-)
+
+diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go
+index dc30e077ae..d951d4f38c 100644
+--- a/src/net/http/h2_bundle.go
++++ b/src/net/http/h2_bundle.go
+@@ -4096,6 +4096,7 @@ type http2serverConn struct {
+ 	headerTableSize             uint32
+ 	peerMaxHeaderListSize       uint32            // zero means unknown (default)
+ 	canonHeader                 map[string]string // http2-lower-case -> Go-Canonical-Case
++	canonHeaderKeysSize         int               // canonHeader keys size in bytes
+ 	writingFrame                bool              // started writing a frame (on serve goroutine or separate)
+ 	writingFrameAsync           bool              // started a frame on its own goroutine but haven't heard back on wroteFrameCh
+ 	needsFrameFlush             bool              // last frame write wasn't a flush
+@@ -4275,6 +4276,13 @@ func (sc *http2serverConn) condlogf(err error, format string, args ...interface{
+ 	}
+ }
+ 
++// maxCachedCanonicalHeadersKeysSize is an arbitrarily-chosen limit on the size
++// of the entries in the canonHeader cache.
++// This should be larger than the size of unique, uncommon header keys likely to
++// be sent by the peer, while not so high as to permit unreasonable memory usage
++// if the peer sends an unbounded number of unique header keys.
++const http2maxCachedCanonicalHeadersKeysSize = 2048
++
+ func (sc *http2serverConn) canonicalHeader(v string) string {
+ 	sc.serveG.check()
+ 	http2buildCommonHeaderMapsOnce()
+@@ -4290,14 +4298,10 @@ func (sc *http2serverConn) canonicalHeader(v string) string {
+ 		sc.canonHeader = make(map[string]string)
+ 	}
+ 	cv = CanonicalHeaderKey(v)
+-	// maxCachedCanonicalHeaders is an arbitrarily-chosen limit on the number of
+-	// entries in the canonHeader cache. This should be larger than the number
+-	// of unique, uncommon header keys likely to be sent by the peer, while not
+-	// so high as to permit unreaasonable memory usage if the peer sends an unbounded
+-	// number of unique header keys.
+-	const maxCachedCanonicalHeaders = 32
+-	if len(sc.canonHeader) < maxCachedCanonicalHeaders {
++	size := 100 + len(v)*2 // 100 bytes of map overhead + key + value
++	if sc.canonHeaderKeysSize+size <= http2maxCachedCanonicalHeadersKeysSize {
+ 		sc.canonHeader[v] = cv
++		sc.canonHeaderKeysSize += size
+ 	}
+ 	return cv
+ }
+-- 
+2.33.0
+
diff --git a/golang.spec b/golang.spec
index 00bd1a57e08d0e0b57ed997ff9318cce9402fba6..9795f77a88f99c32862e974b6c352e14006bca38 100644
--- a/golang.spec
+++ b/golang.spec
@@ -58,7 +58,7 @@
 
 Name:           golang
 Version:        1.15.7
-Release:        22
+Release:        23
 Summary:        The Go Programming Language
 License:        BSD and Public Domain
 URL:            https://golang.org/
@@ -225,6 +225,7 @@ Patch6080:	0080-release-branch.go1.18-net-http-httputil-avoid-query-.patch
 Patch6081:	0081-release-branch.go1.18-archive-tar-limit-size-of-head.patch
 Patch6082:	0082-net-url-reject-query-values-with-semicolons.patch
 Patch6083:	0083-syscall-os-exec-reject-environment-variables-contain.patch
+Patch6084:	0084-release-branch.go1.18-net-http-update-bundled-golang.patch
 
 Patch9001:       0001-drop-hard-code-cert.patch
 Patch9002:       0002-fix-patch-cmd-go-internal-modfetch-do-not-sho.patch
@@ -464,6 +465,12 @@ fi
 %files devel -f go-tests.list -f go-misc.list -f go-src.list
 
 %changelog
+* Fri Jan 20 2023 hanchao <hanchao47@huawei.com> - 1.15.7-23
+- Type:CVE
+- CVE:CVE-2022-41717
+- SUG:NA
+- DESC:fix CVE-2022-41717
+
 * Thu Nov 17 2022 hanchao<hanchao47@huawei.com> - 1.15.7-22
 - Type:CVE
 - CVE:CVE-2022-41716