diff --git a/0124-CVE-2024-34155-track-depth-in-nested-element-lists.patch b/backport-0020-CVE-2024-34155-track-depth-in-nested-element-lists.patch
similarity index 100%
rename from 0124-CVE-2024-34155-track-depth-in-nested-element-lists.patch
rename to backport-0020-CVE-2024-34155-track-depth-in-nested-element-lists.patch
diff --git a/backport-0020-release-branch.go1.21-runtime-pprof-fix-generics-fun.patch b/backport-0021-release-branch.go1.21-runtime-pprof-fix-generics-fun.patch
similarity index 100%
rename from backport-0020-release-branch.go1.21-runtime-pprof-fix-generics-fun.patch
rename to backport-0021-release-branch.go1.21-runtime-pprof-fix-generics-fun.patch
diff --git a/backport-0022-encoding-gob-cover-missed-cases-when-checking-ignore.patch b/backport-0022-encoding-gob-cover-missed-cases-when-checking-ignore.patch
new file mode 100644
index 0000000000000000000000000000000000000000..b101a9fa31c444ec68111f363bfc26429f61394f
--- /dev/null
+++ b/backport-0022-encoding-gob-cover-missed-cases-when-checking-ignore.patch
@@ -0,0 +1,143 @@
+From 08c84420bc40d1cd5eb71b85cbe3a36f707bdb3f Mon Sep 17 00:00:00 2001
+From: Roland Shoemaker
+Date: Fri, 03 May 2024 09:21:39 -0400
+Subject: [PATCH] encoding/gob: cover missed cases when checking ignore depth
+
+This change makes sure that we are properly checking the ignored field
+recursion depth in decIgnoreOpFor consistently. This prevents stack
+exhaustion when attempting to decode a message that contains an
+extremely deeply nested struct which is ignored.
+
+Thanks to Md Sakib Anwar of The Ohio State University (anwar.40@osu.edu)
+for reporting this issue.
+
+Fixes #69139
+Fixes CVE-2024-34156
+
+Edited-by: Wang Shuo
+
+Change-Id: Iacce06be95a5892b3064f1c40fcba2e2567862d6
+Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/1440
+Reviewed-by: Russ Cox
+Reviewed-by: Damien Neil
+Reviewed-on: https://go-review.googlesource.com/c/go/+/611239
+LUCI-TryBot-Result: Go LUCI
+Reviewed-by: Dmitri Shuralyov
+Reviewed-by: Roland Shoemaker
+Auto-Submit: Dmitri Shuralyov
+---
+ src/encoding/gob/decode.go | 19 +++++++++++--------
+ src/encoding/gob/decoder.go | 2 ++
+ src/encoding/gob/gobencdec_test.go | 14 ++++++++++++++
+ 3 files changed, 27 insertions(+), 8 deletions(-)
+
+diff --git a/src/encoding/gob/decode.go b/src/encoding/gob/decode.go
+index c0b054e..a2d4eab 100644
+--- a/src/encoding/gob/decode.go
++++ b/src/encoding/gob/decode.go
+@@ -911,8 +911,11 @@ func (dec *Decoder) decOpFor(wireId typeId, rt reflect.Type, name string, inProg
+ var maxIgnoreNestingDepth = 10000
+
+ // decIgnoreOpFor returns the decoding op for a field that has no destination.
+-func (dec *Decoder) decIgnoreOpFor(wireId typeId, inProgress map[typeId]*decOp, depth int) *decOp {
+- if depth > maxIgnoreNestingDepth {
++func (dec *Decoder) decIgnoreOpFor(wireId typeId, inProgress map[typeId]*decOp) *decOp {
++ // Track how deep we've recursed trying to skip nested ignored fields.
++ dec.ignoreDepth++
++ defer func() { dec.ignoreDepth-- }()
++ if dec.ignoreDepth > maxIgnoreNestingDepth {
+ error_(errors.New("invalid nesting depth"))
+ }
+ // If this type is already in progress, it's a recursive type (e.g. map[string]*T).
+@@ -938,7 +941,7 @@ func (dec *Decoder) decIgnoreOpFor(wireId typeId, inProgress map[typeId]*decOp,
+ errorf("bad data: undefined type %s", wireId.string())
+ case wire.ArrayT != nil:
+ elemId := wire.ArrayT.Elem
+- elemOp := dec.decIgnoreOpFor(elemId, inProgress, depth+1)
++ elemOp := dec.decIgnoreOpFor(elemId, inProgress)
+ op = func(i *decInstr, state *decoderState, value reflect.Value) {
+ state.dec.ignoreArray(state, *elemOp, wire.ArrayT.Len)
+ }
+@@ -946,15 +949,15 @@ func (dec *Decoder) decIgnoreOpFor(wireId typeId, inProgress map[typeId]*decOp,
+ case wire.MapT != nil:
+ keyId := dec.wireType[wireId].MapT.Key
+ elemId := dec.wireType[wireId].MapT.Elem
+- keyOp := dec.decIgnoreOpFor(keyId, inProgress, depth+1)
+- elemOp := dec.decIgnoreOpFor(elemId, inProgress, depth+1)
++ keyOp := dec.decIgnoreOpFor(keyId, inProgress)
++ elemOp := dec.decIgnoreOpFor(elemId, inProgress)
+ op = func(i *decInstr, state *decoderState, value reflect.Value) {
+ state.dec.ignoreMap(state, *keyOp, *elemOp)
+ }
+
+ case wire.SliceT != nil:
+ elemId := wire.SliceT.Elem
+- elemOp := dec.decIgnoreOpFor(elemId, inProgress, depth+1)
++ elemOp := dec.decIgnoreOpFor(elemId, inProgress)
+ op = func(i *decInstr, state *decoderState, value reflect.Value) {
+ state.dec.ignoreSlice(state, *elemOp)
+ }
+@@ -1115,7 +1118,7 @@ func (dec *Decoder) compileSingle(remoteId typeId, ut *userTypeInfo) (engine *de
+ func (dec *Decoder) compileIgnoreSingle(remoteId typeId) *decEngine {
+ engine := new(decEngine)
+ engine.instr = make([]decInstr, 1) // one item
+- op := dec.decIgnoreOpFor(remoteId, make(map[typeId]*decOp), 0)
++ op := dec.decIgnoreOpFor(remoteId, make(map[typeId]*decOp))
+ ovfl := overflow(dec.typeString(remoteId))
+ engine.instr[0] = decInstr{*op, 0, nil, ovfl}
+ engine.numInstr = 1
+@@ -1160,7 +1163,7 @@ func (dec *Decoder) compileDec(remoteId typeId, ut *userTypeInfo) (engine *decEn
+ localField, present := srt.FieldByName(wireField.Name)
+ // TODO(r): anonymous names
+ if !present || !isExported(wireField.Name) {
+- op := dec.decIgnoreOpFor(wireField.Id, make(map[typeId]*decOp), 0)
++ op := dec.decIgnoreOpFor(wireField.Id, make(map[typeId]*decOp))
+ engine.instr[fieldnum] = decInstr{*op, fieldnum, nil, ovfl}
+ continue
+ }
+diff --git a/src/encoding/gob/decoder.go b/src/encoding/gob/decoder.go
+index 5b77adc..4da5717 100644
+--- a/src/encoding/gob/decoder.go
++++ b/src/encoding/gob/decoder.go
+@@ -35,6 +35,8 @@ type Decoder struct {
+ freeList *decoderState // list of free decoderStates; avoids reallocation
+ countBuf []byte // used for decoding integers while parsing messages
+ err error
++ // ignoreDepth tracks the depth of recursively parsed ignored fields
++ ignoreDepth int
+ }
+
+ // NewDecoder returns a new decoder that reads from the io.Reader.
+diff --git a/src/encoding/gob/gobencdec_test.go b/src/encoding/gob/gobencdec_test.go
+index 6fefd36..3955e28 100644
+--- a/src/encoding/gob/gobencdec_test.go
++++ b/src/encoding/gob/gobencdec_test.go
+@@ -806,6 +806,8 @@ func TestIgnoreDepthLimit(t *testing.T) {
+ defer func() { maxIgnoreNestingDepth = oldNestingDepth }()
+ b := new(bytes.Buffer)
+ enc := NewEncoder(b)
++
++ // Nested slice
+ typ := reflect.TypeOf(int(0))
+ nested := reflect.ArrayOf(1, typ)
+ for i := 0; i < 100; i++ {
+@@ -819,4 +821,16 @@ func TestIgnoreDepthLimit(t *testing.T) {
+ if err := dec.Decode(&output); err == nil || err.Error() != expectedErr {
+ t.Errorf("Decode didn't fail with depth limit of 100: want %q, got %q", expectedErr, err)
+ }
++
++ // Nested struct
++ nested = reflect.StructOf([]reflect.StructField{{Name: "F", Type: typ}})
++ for i := 0; i < 100; i++ {
++ nested = reflect.StructOf([]reflect.StructField{{Name: "F", Type: nested}})
++ }
++ badStruct = reflect.New(reflect.StructOf([]reflect.StructField{{Name: "F", Type: nested}}))
++ enc.Encode(badStruct.Interface())
++ dec = NewDecoder(b)
++ if err := dec.Decode(&output); err == nil || err.Error() != expectedErr {
++ t.Errorf("Decode didn't fail with depth limit of 100: want %q, got %q", expectedErr, err)
++ }
+ }
+--
+2.27.0
+
diff --git a/golang.spec b/golang.spec
index e43268d0831db4c1b1c89e246f414bc960835c6b..7ac6b88408e015fb169fdd268b98f1f016a50b55 100644
--- a/golang.spec
+++ b/golang.spec
@@ -66,7 +66,7 @@ Name: golang Version: 1.21.4 -Release: 23 +Release: 24 Summary: The Go Programming Language License: BSD and Public Domain URL: https://golang.org/
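Review bot: The depth count that `decIgnoreOpFor` now keeps in `dec.ignoreDepth` is mutable Decoder state, and neither the function nor the field comment in decoder.go records what keeps it balanced. The deferred decrement is what unwinds the count when `error_` aborts the compile, so a Decoder reused after an "invalid nesting depth" error starts from zero again; a comment above it such as `// deferred so the count unwinds even when error_ panics` would keep that from being simplified away. The field comment could also state the access rule, for example `// ignoreDepth tracks the depth of recursively parsed ignored fields; presumably only touched while the Decoder's lock is held (confirm)`, since the locking is not visible in this hunk. In `TestIgnoreDepthLimit` the added struct case discards the error from `enc.Encode(badStruct.Interface())`, and the added `// Nested slice` label sits above a `reflect.ArrayOf` chain, so `// Nested array` would match the code. The bodies of `decIgnoreOpFor` and `TestIgnoreDepthLimit` start or end outside the inner hunks shown.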
@@ -139,8 +139,9 @@ Patch6016: backport-0016-release-branch.go1.21-internal-poll-add-SPLICE_F_NON.pa Patch6017: backport-0017-release-branch.go1.21-runtime-call-enableMetadataHug.patch Patch6018: backport-0018-release-branch.go1.21-cmd-compile-fix-findIndVar-so-.patch Patch6019: backport-0019-release-branch.go1.21-cmd-compile-fix-escape-analysi.patch -Patch6020: 0124-CVE-2024-34155-track-depth-in-nested-element-lists.patch -Patch6021: backport-0020-release-branch.go1.21-runtime-pprof-fix-generics-fun.patch +Patch6020: backport-0020-CVE-2024-34155-track-depth-in-nested-element-lists.patch +Patch6021: backport-0021-release-branch.go1.21-runtime-pprof-fix-generics-fun.patch +Patch6022: backport-0022-encoding-gob-cover-missed-cases-when-checking-ignore.patch ExclusiveArch: %{golang_arches} @@ -379,6 +380,13 @@ fi %files devel -f go-tests.list -f go-misc.list -f go-src.list %changelog +* Mon Nov 04 2024 wangshuo - 1.21.4-24 +- Type:CVE +- CVE:CVE-2024-34156 +- SUG:NA +- DESC:fix CVE-2024-34156 +- optimize the names of the first two patch files + * Thu Oct 10 2024 EulerOSWander <314264452@qq.com> - 1.21.4-23 - runtime/pprof: fix generics functions names