diff --git a/0009-CVE-2022-24329.patch b/0009-CVE-2022-24329.patch
new file mode 100644
index 0000000000000000000000000000000000000000..6e01b05c87e1a7509e167b06d1478777004f72c0
--- /dev/null
+++ b/0009-CVE-2022-24329.patch
@@ -0,0 +1,73 @@
+diff --git a/distribution/server/src/assemble/LICENSE.bin.txt b/distribution/server/src/assemble/LICENSE.bin.txt
+index 87c54acbe3..e32d3d9f43 100644
+--- a/distribution/server/src/assemble/LICENSE.bin.txt
++++ b/distribution/server/src/assemble/LICENSE.bin.txt
+@@ -462,10 +462,10 @@ The Apache Software License, Version 2.0
+ * Okio - com.squareup.okio-okio-2.8.0.jar
+ * Javassist -- org.javassist-javassist-3.25.0-GA.jar
+ * Kotlin Standard Lib
+- - org.jetbrains.kotlin-kotlin-stdlib-1.4.32.jar
+- - org.jetbrains.kotlin-kotlin-stdlib-common-1.4.32.jar
+- - org.jetbrains.kotlin-kotlin-stdlib-jdk7-1.4.32.jar
+- - org.jetbrains.kotlin-kotlin-stdlib-jdk8-1.4.32.jar
++ - org.jetbrains.kotlin-kotlin-stdlib-1.6.0.jar
++ - org.jetbrains.kotlin-kotlin-stdlib-common-1.6.0.jar
++ - org.jetbrains.kotlin-kotlin-stdlib-jdk7-1.6.0.jar
++ - org.jetbrains.kotlin-kotlin-stdlib-jdk8-1.6.0.jar
+ - org.jetbrains-annotations-13.0.jar
+ * gRPC
+ - io.grpc-grpc-all-1.45.1.jar
+diff --git a/pom.xml b/pom.xml
+index 52c1e587ad..5bdf7946f5 100644
+--- a/pom.xml
++++ b/pom.xml
+@@ -203,7 +203,7 @@ flexible messaging model and an intuitive client API.
+
+ 2.8.0
+
+- 1.4.32
++ 1.6.0
+ 1.0
+ 9.1.6
+ 5.3.19
+diff --git a/src/owasp-dependency-check-suppressions.xml b/src/owasp-dependency-check-suppressions.xml
+index 201a23baa0..07300d2601 100644
+--- a/src/owasp-dependency-check-suppressions.xml
++++ b/src/owasp-dependency-check-suppressions.xml
+@@ -60,36 +60,6 @@
+ .*
+
+
+-
+-
+-
+- ef50bfa2c0491a11dcc35d9822edbfd6170e1ea2
+- cpe:/a:jetbrains:kotlin
+-
+-
+-
+- 3546900a3ebff0c43f31190baf87a9220e37b7ea
+- CVE-2022-24329
+-
+-
+-
+- 3302f9ec8a5c1ed220781dbd37770072549bd333
+- CVE-2022-24329
+-
+-
+-
+- 461367948840adbb0839c51d91ed74ef4a9ccb52
+- CVE-2022-24329
+-
+-
+
+
+ /dev/null || useradd -r -g pulsar -d / -s /sbin/nologin pu
exit 0
%changelog
+* Mon Dec 5 2023 Dapeng Sun - 2.10.4-9
+- resolve cve-2022-24329
* Mon Dec 4 2023 Dapeng Sun - 2.10.4-8
- resolve cve-2023-26048
* Mon Dec 4 2023 Dapeng Sun - 2.10.4-7