diff --git a/backport-CVE-2021-46823.patch b/backport-CVE-2021-46823.patch
new file mode 100644
index 0000000000000000000000000000000000000000..6aa5ea28532c778a661eee832fba1f5449f69157
--- /dev/null
+++ b/backport-CVE-2021-46823.patch
@@ -0,0 +1,22 @@
+From faa011b41f7141121546045925d809d54e70f5fd Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse
+Date: Fri, 15 Oct 2021 15:21:37 +0100
+Subject: [PATCH] Fix ReDoS in regex.
+
+---
+ Lib/ldap/schema/tokenizer.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Lib/ldap/schema/tokenizer.py b/Lib/ldap/schema/tokenizer.py
+index 69823f2b..623b86d5 100644
+--- a/Lib/ldap/schema/tokenizer.py
++++ b/Lib/ldap/schema/tokenizer.py
+@@ -13,7 +13,7 @@
+ r"|" # or
+ r"([^'$()\s]+)" # string of length >= 1 without '$() or whitespace
+ r"|" # or
+- r"('(?:[^'\\]|\\\\|\\.)*?'(?!\w))"
++ r"('(?:[^'\\]|\\.)*'(?!\w))"
+ # any string or empty string surrounded by unescaped
+ # single quotes except if right quote is succeeded by
+ # alphanumeric char
diff --git a/python-ldap.spec b/python-ldap.spec
index 6c63fe1cde06a07e81343cd3915d61d6d7131a9c..c19d95cef18d2d564b9b6960f2bdcb552010917c 100644
--- a/python-ldap.spec
+++ b/python-ldap.spec
@@ -1,7 +1,7 @@
 %define debug_package %{nil}
 Name: python-ldap
 Version: 3.3.1
-Release: 2
+Release: 3
 Summary: An object-oriented API to access LDAP directory servers
 License: Python
 URL: http://python-ldap.org/
@@ -10,6 +10,8 @@ Source0: https://files.pythonhosted.org/packages/source/p/%{name}/%{name}-%{vers BuildRequires: gcc openldap-devel BuildRequires: python3-devel python3-setuptools +Patch0: backport-CVE-2021-46823.patch + %description python-ldap provides an object-oriented API for working with LDAP within\ Python programs. It allows access to LDAP directory servers by wrapping the\
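Review bot: Nothing in the added backport-CVE-2021-46823.patch exercises the rewritten quoted-string branch `r"('(?:[^'\\]|\\.)*'(?!\w))"`; its embedded diffstat lists only Lib/ldap/schema/tokenizer.py, so the fix ships without a regression test. The removed `\\\\` alternative overlapped with `\\.`, which let one backslash pair match two ways under the repetition, and the new alternatives are disjoint. The surviving comment lines do not record that constraint; a line such as `# branches under * must stay disjoint (CVE-2021-46823)` next to the pattern would stop a later edit from reintroducing the overlap. Whether the spec runs the upstream tests in %check is not visible here; if it does, a time-bounded tokenizer test on a long quoted value would confirm the patch is actually applied in the built package. The pattern's enclosing definition starts and ends outside the embedded hunk.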
@@ -35,7 +37,7 @@ OpenLDAP 2.x libraries, and contains modules for other LDAP-related tasks\ %package_help %prep -%autosetup -n %{name}-%{version} +%autosetup -p1 -n %{name}-%{version} find . -name '*.py' | xargs sed -i '1s|^#!/usr/bin/env python|#!%{__python3}|' sed -i 's,-Werror,-Wignore,g' tox.ini %build @@ -56,6 +58,12 @@ sed -i 's,-Werror,-Wignore,g' tox.ini %doc CHANGES README TODO Demo %changelog +* Tue Jul 26 2022 zhouwenpei - 3.3.1-3 +- Type:CVE +- Id:CVE-2021-46823 +- SUG:NA +- DESC:fix CVE-2021-46823 + * Fri Mar 04 2022 zhaoshuang - 3.3.1-2 - remove some unnecessary buildrequires