diff --git a/CVE-2022-23634.patch b/CVE-2022-23634.patch
new file mode 100644
index 0000000000000000000000000000000000000000..3a97180512957d7aecc50fcc20b280f2895456be
--- /dev/null
+++ b/CVE-2022-23634.patch
@@ -0,0 +1,44 @@
+From b70f451fe8abc0cff192c065d549778452e155bb Mon Sep 17 00:00:00 2001
+From: Jean Boussier
+Date: Fri, 11 Feb 2022 15:58:08 +0100
+Subject: [PATCH] Ensure `close` is called on the response body no matter what
+
+Another fallout from https://github.com/puma/puma/pull/2809 is that
+in some cases the `res_body.close` wasn't called because some previous code
+raised.
+
+For Rails apps it means CurrentAttributes and a few other important
+states aren't reset properly.
+
+This is being improved on the Rails side too, but I believe it would
+be good to harden this on the puma side as well.
+---
+ lib/puma/request.rb | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/lib/puma/request.rb b/lib/puma/request.rb
+index 10508c8d44..691ada424f 100644
+--- a/lib/puma/request.rb
++++ b/lib/puma/request.rb
+@@ -171,11 +171,16 @@ def handle_request(client, lines, requests)
+ end
+
+ ensure
+- uncork_socket io
+-
+- body.close
+- client.tempfile.unlink if client.tempfile
+- res_body.close if res_body.respond_to? :close
++ begin
++ uncork_socket io
++
++ body.close
++ client.tempfile.unlink if client.tempfile
++ ensure
++ # Whatever happens, we MUST call `close` on the response body.
++ # Otherwise Rack::BodyProxy callbacks may not fire and lead to various state leaks
++ res_body.close if res_body.respond_to? :close
++ end
+
+ after_reply.each { |o| o.call }
+ end
diff --git a/rubygem-puma.spec b/rubygem-puma.spec
index c205e8c38c1af9bcbd5c84cef6e388d42ee9b261..86fa6b6889c86e97d861e0965d38b20a86568363 100644
--- a/rubygem-puma.spec
+++ b/rubygem-puma.spec
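Review bot: The new inner `begin`/`ensure` only protects `res_body.close`; `client.tempfile.unlink if client.tempfile` still runs only when `uncork_socket io` and `body.close` return normally, so an exception from either of those leaves the request tempfile on disk, which is the same class of cleanup gap the patch fixes for the response side. A raise from `res_body.close` inside the new `ensure` also replaces whatever exception reached it from `uncork_socket io` or `body.close`, so the original error never reaches the log. `after_reply.each { |o| o.call }` stays after the hardened region and is therefore also skipped when the close raises; whether that is intended is not clear from the backport alone. Since this is a packaging backport of the upstream commit, I would not diverge from it here, but I would record the gap above `uncork_socket io` with `# NOTE: unlike res_body.close below, tempfile.unlink is skipped when uncork_socket/body.close raise` so the next rebase checks whether upstream has since closed it. `handle_request` starts and ends outside the hunk.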
@@ -2,7 +2,7 @@
 %bcond_with ragel
 Name: rubygem-%{gem_name}
 Version: 5.5.2
-Release: 1
+Release: 2
 Summary: A simple, fast, threaded, and highly concurrent HTTP 1.1 server
 License: BSD-3-Clause
 URL: http://puma.io
@@ -12,6 +12,8 @@ Source1: https://github.com/puma/%{gem_name}/archive/refs/tags/v%{ve
 # https://fedoraproject.org/wiki/Packaging:CryptoPolicies
 Patch0: rubygem-puma-3.6.0-crypto-policy-cipher-list.patch
 Patch1: Support-for-cert_pem-and-key_pem-with-ssl_bind-DSL.patch
+# https://github.com/puma/puma/commit/b70f451fe8abc0cff192c065d549778452e155bb
+Patch2: CVE-2022-23634.patch
 BuildRequires: openssl-devel ruby(release) rubygems-devel ruby-devel rubygem(rack)
 BuildRequires: rubygem(minitest) rubygem(sd_notify)
@@ -35,6 +37,7 @@ Documentation for %{name}.
 %setup -q -n %{gem_name}-%{version} -b 1
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 %if %{with ragel}
 rm -f ext/puma_http11/http11_parser.c
@@ -119,6 +122,9 @@ ruby -e 'Dir.glob "./test/**/test_*.rb", &method(:require)'
 %{gem_instdir}/tools
 %changelog
+* Tue Dec 19 2023 yaoxin - 5.5.2-2
+- Fix CVE-2022-23634
+
 * Tue Nov 1 2022 cadongxia - 5.5.2-1
 - Upgrade to 5.5.2
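Review bot: Nothing in the build verifies the fix: the `%check` section visible in the last hunk header runs the upstream test suite, but the backported patch (per its own diffstat, `1 file changed`, only `lib/puma/request.rb`) carries no test for the close-on-raise path, so a regression after a future rebase would pass `%check` unnoticed. If upstream's fix release shipped a test for this behaviour, carrying it in `CVE-2022-23634.patch` alongside the code change would make the Release bump self-checking; otherwise I would say so in the `Patch2` comment, e.g. `# CVE-2022-23634; upstream fix only, no regression test carried`. The `-p1` for `%patch2` matches the `a/`/`b/` prefixes in the embedded patch, so application itself looks right.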