diff --git a/CVE-2020-25709.patch b/CVE-2020-25709.patch
new file mode 100644
index 0000000000000000000000000000000000000000..6aa13ca5e0b8a14eaa493c6eb320764ba4e741b5
--- /dev/null
+++ b/CVE-2020-25709.patch
@@ -0,0 +1,25 @@
+From 67670f4544e28fb09eb7319c39f404e1d3229e65 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Mon, 2 Nov 2020 13:12:10 +0000
+Subject: [PATCH] ITS#9383 remove assert in certificateListValidate
+
+---
+ servers/slapd/schema_init.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
+index ea0d67aa62..28f9e71a16 100644
+--- a/servers/slapd/schema_init.c
++++ b/servers/slapd/schema_init.c
+@@ -371,8 +371,7 @@ certificateListValidate( Syntax *syntax, struct berval *in )
+ 	/* Optional version */
+ 	if ( tag == LBER_INTEGER ) {
+ 		tag = ber_get_int( ber, &version );
+-		assert( tag == LBER_INTEGER );
+-		if ( version != SLAP_X509_V2 ) return LDAP_INVALID_SYNTAX;
++		if ( tag != LBER_INTEGER || version != SLAP_X509_V2 ) return LDAP_INVALID_SYNTAX;
+ 	}
+ 	tag = ber_skip_tag( ber, &len );	/* Signature Algorithm */
+ 	if ( tag != LBER_SEQUENCE ) return LDAP_INVALID_SYNTAX;
+-- 
+GitLab
diff --git a/CVE-2020-25710.patch b/CVE-2020-25710.patch
new file mode 100644
index 0000000000000000000000000000000000000000..3edfe421036a090f38d5be8247f79f57edef6a46
--- /dev/null
+++ b/CVE-2020-25710.patch
@@ -0,0 +1,26 @@
+From bdb0d459187522a6063df13871b82ba8dcc6efe2 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Mon, 2 Nov 2020 16:01:14 +0000
+Subject: [PATCH] ITS#9384 remove assert in obsolete csnNormalize23()
+
+---
+ servers/slapd/schema_init.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
+index 5812bc4b66..ea0d67aa62 100644
+--- a/servers/slapd/schema_init.c
++++ b/servers/slapd/schema_init.c
+@@ -5327,8 +5327,8 @@ csnNormalize23(
+ 	}
+ 	*ptr = '\0';
+ 
+-	assert( ptr == &bv.bv_val[bv.bv_len] );
+-	if ( csnValidate( syntax, &bv ) != LDAP_SUCCESS ) {
++	if ( ptr != &bv.bv_val[bv.bv_len] ||
++		csnValidate( syntax, &bv ) != LDAP_SUCCESS ) {
+ 		return LDAP_INVALID_SYNTAX;
+ 	}
+ 
+-- 
+GitLab
diff --git a/CVE-2021-27212.patch b/CVE-2021-27212.patch
new file mode 100644
index 0000000000000000000000000000000000000000..663cae6a964179807a29b5b21b3cf39acd457562
--- /dev/null
+++ b/CVE-2021-27212.patch
@@ -0,0 +1,28 @@
+From 3539fc33212b528c56b716584f2c2994af7c30b0 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Sat, 6 Feb 2021 20:52:06 +0000
+Subject: [PATCH] ITS#9454 fix issuerAndThisUpdateCheck
+
+Reference:https://git.openldap.org/openldap/openldap/-/commit/3539fc33212b528c56b716584f2c2994af7c30b0
+
+---
+ servers/slapd/schema_init.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
+index 466899625..914df70eb 100644
+--- a/servers/slapd/schema_init.c
++++ b/servers/slapd/schema_init.c
+@@ -3975,6 +3975,8 @@ issuerAndThisUpdateCheck(
+ 					break;
+ 				}
+ 			}
++			if ( tu->bv_len < STRLENOF("YYYYmmddHHmmssZ") ) return LDAP_INVALID_SYNTAX;
++
+ 			x.bv_val += tu->bv_len + 1;
+ 			x.bv_len -= tu->bv_len + 1;
+ 
+
+-- 
+GitLab
+
diff --git a/backport-Fix-test-suite.patch b/backport-Fix-test-suite.patch
new file mode 100644
index 0000000000000000000000000000000000000000..cc8f72e1ff1d6ca8ef28a74465a0731311aaf204
--- /dev/null
+++ b/backport-Fix-test-suite.patch
@@ -0,0 +1,71 @@
+From 70f87370f99e78ac3874501bfe5124dbb86185a8 Mon Sep 17 00:00:00 2001
+From: zhangqiumiao <zhangqiumiao1@huawei.com>
+Date: Fri, 25 Sep 2020 21:56:43 +0800
+Subject: [PATCH] backport Fix test suite
+
+---
+ tests/data/monitor2.out        |  3 ---
+ tests/scripts/test052-memberof |  2 +-
+ tests/scripts/test056-monitor  | 11 ++---------
+ 3 files changed, 3 insertions(+), 13 deletions(-)
+
+diff --git a/tests/data/monitor2.out b/tests/data/monitor2.out
+index 26e9ce9..20209d1 100644
+--- a/tests/data/monitor2.out
++++ b/tests/data/monitor2.out
+@@ -10,9 +10,6 @@ structuralObjectClass: monitoredObject
+ monitorIsShadow: FALSE
+ namingContexts: o=OpenLDAP Project,l=Internet
+ readOnly: FALSE
+-olmBDBEntryCache: 0
+-olmBDBDNCache: 0
+-olmBDBIDLCache: 0
+ entryDN: cn=Database 1,cn=Databases,cn=Monitor
+ 
+ dn: cn=Database 2,cn=Databases,cn=Monitor
+diff --git a/tests/scripts/test052-memberof b/tests/scripts/test052-memberof
+index a73a929..1dba946 100755
+--- a/tests/scripts/test052-memberof
++++ b/tests/scripts/test052-memberof
+@@ -72,7 +72,7 @@ EOF
+ 	fi
+ fi
+ 
+-indexInclude="" mainInclude="" " nullExclude=""
++indexInclude="" mainInclude="" nullExclude=""
+ test $INDEXDB = indexdb	|| indexInclude="# "
+ test $MAINDB  = maindb	|| mainInclude="# "
+ case $BACKEND in
+diff --git a/tests/scripts/test056-monitor b/tests/scripts/test056-monitor
+index 7a87eaa..0e1ba20 100755
+--- a/tests/scripts/test056-monitor
++++ b/tests/scripts/test056-monitor
+@@ -85,7 +85,7 @@ echo "Using ldapsearch to read database monitor entries..."
+ $LDAPSEARCH -S "" -b "$DATABASESMONITORDN" -h $LOCALHOST -p $PORT1 \
+ 	'objectclass=*' \
+ 	structuralObjectClass entryDN namingContexts readOnly \
+-	monitorIsShadow monitorContext
++	monitorIsShadow monitorContext \
+ 	> $SEARCHOUT 2>&1
+ RC=$?
+ 
+@@ -98,15 +98,8 @@ fi
+ echo "Filtering ldapsearch results..."
+ $LDIFFILTER -b monitor < $SEARCHOUT > $SEARCHFLT
+ 
+-TMPMONITOROUT2=$MONITOROUT2
+-case $BACKEND in
+-*)
+-	TMPMONITOROUT2=$TESTDIR/monitor2.out
+-	;;
+-esac
+-
+ echo "Comparing filter output..."
+-$CMP $SEARCHFLT $TMPMONITOROUT2 > $CMPOUT
++$CMP $SEARCHFLT $MONITOROUT2 > $CMPOUT
+ 
+ if test $? != 0 ; then
+         echo "comparison failed - database monitor output is not correct"
+-- 
+2.19.1
+
diff --git a/openldap.spec b/openldap.spec
index 965a3dfa653ff3b24125466369f2abda58b2e589..78b7791e590ee2c6c3c7a898bfcd10754aba0f5c 100644
--- a/openldap.spec
+++ b/openldap.spec
@@ -2,7 +2,7 @@
 
 Name:           openldap
 Version:        2.4.50
-Release:        5
+Release:        6
 Summary:        LDAP support libraries
 License:        OpenLDAP
 URL:            https://www.openldap.org/
@@ -57,6 +57,10 @@ Patch36:	CVE-2020-36227.patch
 Patch37:	CVE-2020-36228.patch
 Patch38:	CVE-2020-36230.patch
 Patch39:	CVE-2020-36229.patch
+Patch40:        CVE-2021-27212.patch
+Patch41:        CVE-2020-25709.patch
+Patch42:        CVE-2020-25710.patch
+Patch43:        backport-Fix-test-suite.patch
 
 BuildRequires:  cyrus-sasl-devel openssl-devel krb5-devel unixODBC-devel
 BuildRequires:  glibc-devel libtool libtool-ltdl-devel groff perl-interpreter perl-devel perl-generators perl-ExtUtils-Embed
@@ -161,6 +165,10 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
 %patch37 -p1
 %patch38 -p1
 %patch39 -p1
+%patch40 -p1
+%patch41 -p1
+%patch42 -p1
+%patch43 -p1
 
 ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
 mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
@@ -443,6 +451,12 @@ popd
 %doc ltb-project-openldap-ppolicy-check-password-1.1/README.check_pwd
 
 %changelog
+* Thu Oct 28 2021 zengweifeng <zwfeng@huawei.com> - 2.4.50-6
+- Type:cves
+- ID:NA
+- SUG:restart
+- DESC: fix CVE-2020-25709  CVE-2020-25710  CVE-2021-27212
+
 * Thu Feb 18 2021 liulong <liulong20@huawei.com> - 2.4.50-5
 - Type:cves
 - ID:NA