diff --git a/8224675-Late-GC-barrier-insertion-for-ZGC.patch b/8224675-Late-GC-barrier-insertion-for-ZGC.patch
index 95dc4c9534025966ef3685ce9256373b8bcb7e46..50e15d1eb5affe295e471492566ff76974cabbb4 100644
--- a/8224675-Late-GC-barrier-insertion-for-ZGC.patch
+++ b/8224675-Late-GC-barrier-insertion-for-ZGC.patch
@@ -2812,7 +2812,7 @@ index 5454d1350..d7eb3996b 100644
 --- a/src/hotspot/share/opto/loopnode.cpp
 +++ b/src/hotspot/share/opto/loopnode.cpp
 @@ -3017,9 +3018,7 @@ void PhaseIdealLoop::build_and_optimize() {
-   build_loop_late( visited, worklist, nstack );
+   if (C->failing()) { return; }
 
    if (_verify_only) {
 -    // restore major progress flag
diff --git a/delete_expired_certificates.patch b/delete_expired_certificates.patch
index b57ab696789bca351152ccb85a9f269834ef5805..7f2e4192b5c25766655292bd715d242ee4a4852d 100644
--- a/delete_expired_certificates.patch
+++ b/delete_expired_certificates.patch
@@ -120,14 +120,15 @@ index 122a01901..c131bd493 100644
              + File.separator + "security" + File.separator + "cacerts";
  
      // The numbers of certs now.
--    private static final int COUNT = 106;
+-    private static final int COUNT = 108;
 +    private static final int COUNT = 103;
  
      // SHA-256 of cacerts, can be generated with
      // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95
      private static final String CHECKSUM
--            = "61:5F:6D:C5:9C:A3:8A:65:3F:CB:F9:F5:26:04:23:F4:53:A6:8C:B3:8B:2B:0A:F0:66:7D:9E:67:B9:4D:AC:B7";
+-            = "81:D4:84:F6:92:78:A4:82:25:06:DC:42:25:C9:5D:6C:63:E4:99:CE:BC:ED:66:B3:8C:BA:E6:BA:6B:34:0F:01";
 +            = "AC:5D:D0:F5:D4:E9:7B:8E:69:B9:E3:6C:08:44:0D:CB:63:83:D5:A0:D4:DE:4F:17:4F:D3:83:6D:99:26:94:59";
+
      // map of cert alias to SHA-256 fingerprint
      @SuppressWarnings("serial")
      private static final Map<String, String> FINGERPRINT_MAP = new HashMap<>() {
diff --git a/jdk-updates-jdk11u-jdk-11.0.22-ga.tar.xz b/jdk-updates-jdk11u-jdk-11.0.22-ga.tar.xz
deleted file mode 100644
index 78684a6b6786cdb8bb6da27dfcda3fed126946db..0000000000000000000000000000000000000000
Binary files a/jdk-updates-jdk11u-jdk-11.0.22-ga.tar.xz and /dev/null differ
diff --git a/jdk-updates-jdk11u-jdk-11.0.23-ga.tar.xz b/jdk-updates-jdk11u-jdk-11.0.23-ga.tar.xz
new file mode 100644
index 0000000000000000000000000000000000000000..a85eb8e2cd7b940dca26fdca0cf257324391a097
Binary files /dev/null and b/jdk-updates-jdk11u-jdk-11.0.23-ga.tar.xz differ
diff --git a/openjdk-11.spec b/openjdk-11.spec
index ac6abbb74d1277a7f5c609a60a7f4d10dabb6b05..cfad0dff9fcd4cd96ce5581eaae2a3390408965f 100644
--- a/openjdk-11.spec
+++ b/openjdk-11.spec
@@ -125,7 +125,7 @@
 
 # New Version-String scheme-style defines
 %global majorver 11
-%global securityver 22
+%global securityver 23
 # buildjdkver is usually same as %%{majorver},
 # but in time of bootstrap of next jdk, it is majorver-1,
 # and this it is better to change it here, on single place
@@ -146,7 +146,7 @@
 
 %global project		jdk-updates
 %global repo		jdk11u
-%global revision	jdk-11.0.22-ga
+%global revision	jdk-11.0.23-ga
 %global full_revision %{project}-%{repo}-%{revision}
 # priority must be 7 digits in total
 # setting to 1, so debug ones can have 0
@@ -757,7 +757,7 @@ Provides: java-src%{?1} = %{epoch}:%{version}-%{release}
 
 Name:    java-%{javaver}-%{origin}
 Version: %{newjavaver}.%{buildver}
-Release: 3
+Release: 0
 # java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons
 # and this change was brought into RHEL-4. java-1.5.0-ibm packages
 # also included the epoch in their virtual provides. This created a
@@ -1725,6 +1725,10 @@ cjc.mainProgram(arg)
 
 
 %changelog
+* Thu Apr 18 2024 huangjie <huangjie150@huawei.com> - 1:11.0.23.9-0
+- modified 8224675-Late-GC-barrier-insertion-for-ZGC.patch
+- modified delete_expired_certificates.patch 
+
 * Wed Mar 13 2024 jiahua.yu <jiahua.yu@shingroup.cn> - 1:11.0.22.7-3
 - init support for arch ppc64le
 
@@ -1752,15 +1756,15 @@ cjc.mainProgram(arg)
 * Thu Aug 17 2023 misaka00251 <liuxin@iscas.ac.cn> - 1:11.0.20.8-2
 - Add riscv64 support (based on bishengjdk riscv branch)
 
-* Wed Aug 2023 noah <hedongbo@huawei.com> - 1:11.0.20.8-1
+* Wed Aug 16 2023 noah <hedongbo@huawei.com> - 1:11.0.20.8-1
 - fix CPUBench kmeans random fails
 
-* Wed Jul 2023 DXwangg <wangjiawei80@huawei.com> - 1:11.0.20.8-0
+* Wed Jul 12 2023 DXwangg <wangjiawei80@huawei.com> - 1:11.0.20.8-0
 - update to 11.0.20+8(GA)
 - modified delete_expired_certificates.patch
 
 
-* Thu Apr 2023 DXwangg <wangjiawei80@huawei.com> - 1:11.0.19.7-0
+* Thu Apr 20 2023 DXwangg <wangjiawei80@huawei.com> - 1:11.0.19.7-0
 - update to 11.0.19+7(GA)
 - deleted 8225648-TESTBUG-java-lang-annotation-loaderLeak-Main.patch
 - modified Add-KAE-implementation.patch