diff --git a/backport-fix-use-after-free-in-verto_free.patch b/backport-fix-use-after-free-in-verto_free.patch
new file mode 100644
index 0000000000000000000000000000000000000000..fab48410228289c9bc3a39c1ae2cb590f85690ce
--- /dev/null
+++ b/backport-fix-use-after-free-in-verto_free.patch
@@ -0,0 +1,47 @@
+From 60b276cf4ce4ab244670dfac1301704b28498805 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Mon, 15 Mar 2021 14:27:18 -0400
+Subject: [PATCH] Fix use-after-free in verto_free()
+
+Instead of freeing all events, verto_free() would spin trying to free
+the same one.
+
+Discovered by scan-build.
+
+Signed-off-by: Robbie Harwood <rharwood@redhat.com>
+Signed-off-by: hanxinke <hanxinke@huawei.com>
+---
+ src/verto.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/src/verto.c b/src/verto.c
+index 71eaffa..c06c92b 100644
+--- a/src/verto.c
++++ b/src/verto.c
+@@ -583,6 +583,8 @@ verto_set_allocator(void *(*resize)(void *mem, size_t size),
+ void
+ verto_free(verto_ctx *ctx)
+ {
++    verto_ev *cur, *next;
++
+     if (!ctx)
+         return;
+ 
+@@ -591,8 +593,12 @@ verto_free(verto_ctx *ctx)
+         return;
+ 
+     /* Cancel all pending events */
+-    while (ctx->events)
+-        verto_del(ctx->events);
++    next = NULL;
++    for (cur = ctx->events; cur != NULL; cur = next) {
++        next = cur->next;
++        verto_del(cur);
++    }
++    ctx->events = NULL;
+ 
+     /* Free the private */
+     if (!ctx->deflt || !ctx->module->funcs->ctx_default)
+-- 
+1.8.3.1
+
diff --git a/backport-re-order-pkgconfig-for-expected-dependencies.patch b/backport-re-order-pkgconfig-for-expected-dependencies.patch
new file mode 100644
index 0000000000000000000000000000000000000000..478e4a429d86db26258c1cc556f87e46874a8d06
--- /dev/null
+++ b/backport-re-order-pkgconfig-for-expected-dependencies.patch
@@ -0,0 +1,88 @@
+From 73f7ac4d26aebfef924f3bd807f47522c2ff0ed8 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Mon, 3 Jun 2019 16:04:16 -0400
+Subject: [PATCH] Re-order pkgconfig for expected dependencies
+
+Certain versions of autotools seem to generate recursive pkgconfig
+files such that exec_prefix is defined in terms of prefix, and libdir
+is defined in terms of exec_prefix.  While all orderings are possible,
+attempt to cope with this apparently common one.
+
+Resolves: #25
+Signed-off-by: hanxinke <hanxinke@huawei.com>
+---
+ libverto-glib.pc.in     | 2 +-
+ libverto-libev.pc.in    | 2 +-
+ libverto-libevent.pc.in | 2 +-
+ libverto-tevent.pc.in   | 2 +-
+ libverto.pc.in          | 2 +-
+ 5 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/libverto-glib.pc.in b/libverto-glib.pc.in
+index e7424e9..da25017 100644
+--- a/libverto-glib.pc.in
++++ b/libverto-glib.pc.in
+@@ -1,7 +1,7 @@
+ prefix=@prefix@
++exec_prefix=@exec_prefix@
+ libdir=@libdir@
+ includedir=@includedir@
+-exec_prefix=@exec_prefix@
+  
+ Name: libverto-glib
+ Description: Event loop abstraction interface (glib module)
+diff --git a/libverto-libev.pc.in b/libverto-libev.pc.in
+index e6eebbe..7694418 100644
+--- a/libverto-libev.pc.in
++++ b/libverto-libev.pc.in
+@@ -1,7 +1,7 @@
+ prefix=@prefix@
++exec_prefix=@exec_prefix@
+ libdir=@libdir@
+ includedir=@includedir@
+-exec_prefix=@exec_prefix@
+  
+ Name: libverto-libev
+ Description: Event loop abstraction interface (libev module)
+diff --git a/libverto-libevent.pc.in b/libverto-libevent.pc.in
+index de1c63a..7c3354c 100644
+--- a/libverto-libevent.pc.in
++++ b/libverto-libevent.pc.in
+@@ -1,7 +1,7 @@
+ prefix=@prefix@
++exec_prefix=@exec_prefix@
+ libdir=@libdir@
+ includedir=@includedir@
+-exec_prefix=@exec_prefix@
+  
+ Name: libverto-libevent
+ Description: Event loop abstraction interface (libevent module)
+diff --git a/libverto-tevent.pc.in b/libverto-tevent.pc.in
+index 95e5d8a..0568363 100644
+--- a/libverto-tevent.pc.in
++++ b/libverto-tevent.pc.in
+@@ -1,7 +1,7 @@
+ prefix=@prefix@
++exec_prefix=@exec_prefix@
+ libdir=@libdir@
+ includedir=@includedir@
+-exec_prefix=@exec_prefix@
+  
+ Name: libverto-tevent
+ Description: Event loop abstraction interface (tevent module)
+diff --git a/libverto.pc.in b/libverto.pc.in
+index 03c9599..c949397 100644
+--- a/libverto.pc.in
++++ b/libverto.pc.in
+@@ -1,7 +1,7 @@
+ prefix=@prefix@
++exec_prefix=@exec_prefix@
+ libdir=@libdir@
+ includedir=@includedir@
+-exec_prefix=@exec_prefix@
+  
+ Name: libverto
+ Description: Event loop abstraction interface
+-- 
+1.8.3.1
+
diff --git a/libverto.spec b/libverto.spec
index e9bef32308a0c443139eb61971013daa6be6bf84..56e83876d2a550a4e4414db3342fc2ece417e60e 100644
--- a/libverto.spec
+++ b/libverto.spec
@@ -1,11 +1,13 @@
 Name:           libverto
 Version:        0.3.1
-Release:        4
+Release:        5
 Summary:        Main loop abstraction library
 License:        MIT
 URL:            https://github.com/latchset/libverto
 Source0:        https://github.com/latchset/libverto/releases/download/%{version}/%{name}-%{version}.tar.gz
 
+Patch0:         backport-re-order-pkgconfig-for-expected-dependencies.patch
+Patch1:         backport-fix-use-after-free-in-verto_free.patch
 
 BuildRequires:  autoconf automake libtool glib2-devel
 BuildRequires:  libevent-devel libev-devel git
@@ -93,6 +95,10 @@ make check
 %{_libdir}/pkgconfig/%{name}-libev.pc
 
 %changelog
+* Tue Jul 11 2023 fuanan <fuanan3@h-partners.com> - 0.3.1-5
+- fix use after free in verto_free
+- fix broken pkgconfig files
+
 * Tue Mar 28 2023 fuanan <fuanan3@h-partners.com> - 0.3.1-4
 - enable check test suite