diff --git a/backport-CVE-2020-7060-Fix-bug-79037-global-buffer-overflow-in-mbfl_filt_co.patch b/backport-CVE-2020-7060-Fix-bug-79037-global-buffer-overflow-in-mbfl_filt_co.patch new file mode 100644 index 0000000000000000000000000000000000000000..b103d510fb61771aa5e8f0ade37e8d98c3a3d864 --- /dev/null +++ b/backport-CVE-2020-7060-Fix-bug-79037-global-buffer-overflow-in-mbfl_filt_co.patch 
@@ -0,0 +1,63 @@ +From 2bcbc95f033c31b00595ed39f79c3a99b4ed0501 Mon Sep 17 00:00:00 2001 +From: Stanislav Malyshev +Date: Mon, 20 Jan 2020 21:42:44 -0800 +Subject: [PATCH] Fix bug #79037 (global buffer-overflow in + `mbfl_filt_conv_big5_wchar`) + +--- + ext/mbstring/libmbfl/filters/mbfilter_big5.c | 17 ++++++++++++----- + ext/mbstring/tests/bug79037.phpt | 10 ++++++++++ + 2 files changed, 22 insertions(+), 5 deletions(-) + create mode 100644 ext/mbstring/tests/bug79037.phpt + +diff --git a/ext/mbstring/libmbfl/filters/mbfilter_big5.c b/ext/mbstring/libmbfl/filters/mbfilter_big5.c +index f5ab8809ce8a..5e1ca815da31 100644 +--- a/ext/mbstring/libmbfl/filters/mbfilter_big5.c ++++ b/ext/mbstring/libmbfl/filters/mbfilter_big5.c +@@ -138,6 +138,17 @@ static unsigned short cp950_pua_tbl[][4] = { + {0xf70f,0xf848,0xc740,0xc8fe}, + }; + ++static inline int is_in_cp950_pua(int c1, int c) { ++ if ((c1 >= 0xfa && c1 <= 0xfe) || (c1 >= 0x8e && c1 <= 0xa0) || ++ (c1 >= 0x81 && c1 <= 0x8d) || (c1 >= 0xc7 && c1 <= 0xc8)) { ++ return (c >=0x40 && c <= 0x7e) || (c >= 0xa1 && c <= 0xfe); ++ } ++ if (c1 == 0xc6) { ++ return c >= 0xa1 && c <= 0xfe; ++ } ++ return 0; ++} ++ + /* + * Big5 => wchar + */ +@@ -186,11 +197,7 @@ mbfl_filt_conv_big5_wchar(int c, mbfl_convert_filter *filter) + + if (filter->from->no_encoding == mbfl_no_encoding_cp950) { + /* PUA for CP950 */ +- if (w <= 0 && +- (((c1 >= 0xfa && c1 <= 0xfe) || (c1 >= 0x8e && c1 <= 0xa0) || +- (c1 >= 0x81 && c1 <= 0x8d) ||(c1 >= 0xc7 && c1 <= 0xc8)) +- && ((c > 0x39 && c < 0x7f) || (c > 0xa0 && c < 0xff))) || +- ((c1 == 0xc6) && (c > 0xa0 && c < 0xff))) { ++ if (w <= 0 && is_in_cp950_pua(c1, c)) { + c2 = c1 << 8 | c; + for (k = 0; k < sizeof(cp950_pua_tbl)/(sizeof(unsigned short)*4); k++) { + if (c2 >= cp950_pua_tbl[k][2] && c2 <= cp950_pua_tbl[k][3]) { +diff --git a/ext/mbstring/tests/bug79037.phpt b/ext/mbstring/tests/bug79037.phpt +new file mode 100644 +index 000000000000..94ff01a4a1da +--- /dev/null ++++ 
b/ext/mbstring/tests/bug79037.phpt +@@ -0,0 +1,10 @@ ++--TEST-- ++Bug #79037: global buffer-overflow in `mbfl_filt_conv_big5_wchar` ++--FILE-- ++ ++--EXPECT-- ++string(1) "?" diff --git a/php.spec b/php.spec index 88430a5f281796d600434768658cc638473e273d..84a90e7da85bf82ac910861813d9acc3515d34ce 100644 --- a/php.spec +++ b/php.spec @@ -28,7 +28,7 @@ Name: php Version: %{upver}%{?rcver:~%{rcver}} -Release: 11 +Release: 12 Summary: PHP scripting language for creating dynamic web sites License: PHP and Zend and BSD and MIT and ASL 1.0 and NCSA URL: http://www.php.net/ @@ -100,6 +100,7 @@ Patch6026: CVE-2020-7063.patch Patch6027: backport-CVE-2020-7059-Fix-79099-OOB-read.patch Patch6028: backport-CVE-2020-7062-Fix-bug-79221.patch Patch6029: backport-CVE-2020-7071-Fix-bug-77423.patch +Patch6030: backport-CVE-2020-7060-Fix-bug-79037-global-buffer-overflow-in-mbfl_filt_co.patch BuildRequires: bzip2-devel, curl-devel >= 7.9, httpd-devel >= 2.0.46-1, pam-devel, httpd-filesystem, nginx-filesystem BuildRequires: libstdc++-devel, openssl-devel, sqlite-devel >= 3.6.0, zlib-devel, smtpdaemon, libedit-devel @@ -1161,6 +1162,9 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || : %changelog +* Tue Feb 2 2021 yangzhuangzhuang - 7.2.10-12 +- Fix CVE-2020-7060 + * Wed Jan 20 2021 Hugel - 7.2.10-11 - Fix CVE-2020-7062 CVE-2020-7071
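Review bot: In the backported `mbfilter_big5.c` change, the `cp950_pua_tbl[k]` lookup guarded by `if (w <= 0 && is_in_cp950_pua(c1, c))` is only as safe as the agreement between the new predicate and the table rows, because the `for (k = 0; ...)` loop at the end of the hunk carries no bound check of its own in the lines shown. The code that uses `k` after the loop is outside the hunk, so this is inferred, but if no row matched, `k` would equal the row count and index past the table, which is the class of read the patch title names. Keeping the backport identical to upstream is reasonable, but I would record the coupling in a comment above the helper, e.g. `/* Must accept only (c1, c) pairs that fall inside a [2]..[3] range of cp950_pua_tbl; the lookup loop relies on a row matching. */`. On any later rebase, check that the table and the predicate are still changed together.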
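Review bot: `Patch6030:` is declared in this hunk, but the diff shows no change to `%prep`, so whether the CVE-2020-7060 fix is actually applied depends on how the spec applies patches. If `%prep` uses `%autosetup` or `%autopatch`, nothing more is needed. If it lists patches one by one, a matching `%patch6030 -p1` line is required; without it the package would build as release 12 with a changelog claiming the fix while the source stays unpatched. The `%prep` section is outside the visible hunks, so please confirm there, and check in the build log that the patch is applied.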