diff --git a/backport-0001-CVE-2021-34552.patch b/backport-0001-CVE-2021-34552.patch
new file mode 100644
index 0000000000000000000000000000000000000000..f7f4d833eb2a0f4c13c71a960b6f40103f8b1b8f
--- /dev/null
+++ b/backport-0001-CVE-2021-34552.patch
@@ -0,0 +1,43 @@
+From 5f4504bb03f4edeeef8c2633dc5ba03a4c2a8a97 Mon Sep 17 00:00:00 2001
+From: Andrew Murray <radarhere@users.noreply.github.com>
+Date: Tue, 15 Jun 2021 15:14:26 +1000
+Subject: [PATCH] Limit sprintf modes to 10 characters
+
+Conflict:NA
+Reference:https://github.com/python-pillow/Pillow/commit/5f4504bb03f4edeeef8c2633dc5ba03a4c2a8a97
+
+---
+ src/libImaging/Convert.c | 10 ++++------
+ 1 file changed, 4 insertions(+), 6 deletions(-)
+
+diff --git a/src/libImaging/Convert.c b/src/libImaging/Convert.c
+index b0b794d..64bbeee 100644
+--- a/src/libImaging/Convert.c
++++ b/src/libImaging/Convert.c
+@@ -1664,9 +1664,8 @@ convert(Imaging imOut, Imaging imIn, const char *mode,
+ #ifdef notdef
+         return (Imaging) ImagingError_ValueError("conversion not supported");
+ #else
+-        static char buf[256];
+-        /* FIXME: may overflow if mode is too large */
+-        sprintf(buf, "conversion from %s to %s not supported", imIn->mode, mode);
++        static char buf[100];
++        sprintf(buf, "conversion from %.10s to %.10s not supported", imIn->mode, mode);
+         return (Imaging) ImagingError_ValueError(buf);
+ #endif
+     }
+@@ -1724,9 +1723,8 @@ ImagingConvertTransparent(Imaging imIn, const char *mode,
+     }
+ #else
+     {
+-      static char buf[256];
+-      /* FIXME: may overflow if mode is too large */
+-      sprintf(buf, "conversion from %s to %s not supported in convert_transparent", imIn->mode, mode);
++      static char buf[100];
++      sprintf(buf, "conversion from %.10s to %.10s not supported in convert_transparent", imIn->mode, mode);
+       return (Imaging) ImagingError_ValueError(buf);
+     }
+ #endif
+-- 
+2.27.0
+
diff --git a/backport-0002-CVE-2021-34552.patch b/backport-0002-CVE-2021-34552.patch
new file mode 100644
index 0000000000000000000000000000000000000000..0c3ddd82f55f7f98945c5abb6a9c85831e912b6c
--- /dev/null
+++ b/backport-0002-CVE-2021-34552.patch
@@ -0,0 +1,37 @@
+From 518ee3722a99d7f7d890db82a20bd81c1c0327fb Mon Sep 17 00:00:00 2001
+From: Andrew Murray <radarhere@users.noreply.github.com>
+Date: Wed, 30 Jun 2021 23:47:10 +1000
+Subject: [PATCH] Use snprintf instead of sprintf
+
+Conflict:NA
+Reference:https://github.com/python-pillow/Pillow/commit/518ee3722a99d7f7d890db82a20bd81c1c0327fb
+
+---
+ src/libImaging/Convert.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/libImaging/Convert.c b/src/libImaging/Convert.c
+index 64bbeee..28b952e 100644
+--- a/src/libImaging/Convert.c
++++ b/src/libImaging/Convert.c
+@@ -1665,7 +1665,7 @@ convert(Imaging imOut, Imaging imIn, const char *mode,
+         return (Imaging) ImagingError_ValueError("conversion not supported");
+ #else
+         static char buf[100];
+-        sprintf(buf, "conversion from %.10s to %.10s not supported", imIn->mode, mode);
++        snprintf(buf, 100, "conversion from %.10s to %.10s not supported", imIn->mode, mode);
+         return (Imaging) ImagingError_ValueError(buf);
+ #endif
+     }
+@@ -1724,7 +1724,7 @@ ImagingConvertTransparent(Imaging imIn, const char *mode,
+ #else
+     {
+       static char buf[100];
+-      sprintf(buf, "conversion from %.10s to %.10s not supported in convert_transparent", imIn->mode, mode);
++      snprintf(buf, 100, "conversion from %.10s to %.10s not supported in convert_transparent", imIn->mode, mode);
+       return (Imaging) ImagingError_ValueError(buf);
+     }
+ #endif
+-- 
+2.27.0
+
diff --git a/backport-Updated-default-value-for-SAMPLESPERPIXEL-tag.patch b/backport-Updated-default-value-for-SAMPLESPERPIXEL-tag.patch
new file mode 100644
index 0000000000000000000000000000000000000000..d137b9b9b061f0de006d2810f799f08b3e1fbd73
--- /dev/null
+++ b/backport-Updated-default-value-for-SAMPLESPERPIXEL-tag.patch
@@ -0,0 +1,31 @@
+From 6fc039a21c683b13c311e1759c3570bc4dc5f459 Mon Sep 17 00:00:00 2001
+From: Andrew Murray <radarhere@users.noreply.github.com>
+Date: Tue, 4 May 2021 16:50:12 +1000
+Subject: [PATCH] Updated default value for SAMPLESPERPIXEL tag
+
+Conflict:NA
+Reference:https://github.com/python-pillow/Pillow/commit/6fc039a21c683b13c311e1759c3570bc4dc5f459
+
+---
+ src/PIL/TiffImagePlugin.py | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/PIL/TiffImagePlugin.py b/src/PIL/TiffImagePlugin.py
+index ced414f..860d870 100644
+--- a/src/PIL/TiffImagePlugin.py
++++ b/src/PIL/TiffImagePlugin.py
+@@ -1250,7 +1250,10 @@ class TiffImageFile(ImageFile.ImageFile):
+         if bps_count > len(bps_tuple) and len(bps_tuple) == 1:
+             bps_tuple = bps_tuple * bps_count
+ 
+-        samplesPerPixel = self.tag_v2.get(SAMPLESPERPIXEL, 1)
++        samplesPerPixel = self.tag_v2.get(
++            SAMPLESPERPIXEL,
++            3 if self._compression == "tiff_jpeg" and photo in (2, 6) else 1,
++        )
+         if len(bps_tuple) != samplesPerPixel:
+             raise SyntaxError("unknown data organization")
+ 
+-- 
+2.27.0
+
diff --git a/python-pillow.spec b/python-pillow.spec
index 4decb21d14a5acef7dfe82cba223900ec1155f76..e59718cda6d66bce1359a6d6fc55c21693f61cf6 100644
--- a/python-pillow.spec
+++ b/python-pillow.spec
@@ -5,7 +5,7 @@
  
 Name:           python-pillow
 Version:        8.1.1
-Release:        4
+Release:        5
 Summary:        Python image processing library 
 License:        MIT
 URL:            http://python-pillow.github.io/
@@ -25,7 +25,10 @@ Patch6008:      backport-Fixed-linear_gradient-and-radial_gradient-32-bit-mod.pa
 Patch6009:      backport-fixes-crash-74d2.patch
 Patch6010:      backport-fix-for-crash-8115.patch
 Patch6011:      backport-Fix-Memory-DOS-in-ImageFont.patch
- 
+Patch6012:      backport-0001-CVE-2021-34552.patch
+Patch6013:      backport-0002-CVE-2021-34552.patch
+Patch6014:      backport-Updated-default-value-for-SAMPLESPERPIXEL-tag.patch
+
 BuildRequires:  freetype-devel ghostscript lcms2-devel libimagequant-devel libjpeg-devel libraqm-devel libtiff-devel
 BuildRequires:  libwebp-devel openjpeg2-devel tk-devel zlib-devel python3-cffi python3-devel python3-numpy python3-olefile
 BuildRequires:  python3-qt5 python3-setuptools python3-tkinter
@@ -156,12 +159,18 @@ popd
 %{python3_sitearch}/PIL/__pycache__/ImageQt*
 
 %changelog
+* Thu Jul 15 2021 liuyumeng <liuyumeng5@huawei.com> -8.1.1-5
+- Type:bugfix
+- CVE:CVE-2021-34552
+- SUG:NA
+- DESC:incorporate community patch
+
 * Mon Jun 21 2021 hanhui <hanhui15@huawei.com> - 8.1.1-4
 - DESC: in the check section,using the cp -a instead of install
 
-* Mon Jun 15 2021 hanhui <hanhui15@huawei.com> - 8.1.1-3
+* Tue Jun 15 2021 hanhui <hanhui15@huawei.com> - 8.1.1-3
 - Type:bugfix
-- CVE:NA
+- CVE:CVE-2021-28675 CVE-2021-28676 CVE-2021-28677 CVE-2021-28678 CVE-2021-25287 CVE-2021-25288
 - SUG:NA
 - DESC: incorporate community patch