diff --git a/Fix-CVE-2022-44571.patch b/Fix-CVE-2022-44571.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a68eddbd8efd9516bde4b1ccf77ca47dc0346304
--- /dev/null
+++ b/Fix-CVE-2022-44571.patch
@@ -0,0 +1,31 @@
+From ee25ab9a7ee981d7578f559701085b0cf39bde77 Mon Sep 17 00:00:00 2001
+From: Aaron Patterson
+Date: Tue, 17 Jan 2023 12:14:29 -0800
+Subject: [PATCH] Fix ReDoS vulnerability in multipart parser
+
+This commit fixes a ReDoS vulnerability when parsing the
+Content-Disposition field in multipart attachments
+
+Thanks to @ooooooo_q for the patch!
+
+[CVE-2022-44571]
+---
+ lib/rack/multipart.rb | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/rack/multipart.rb b/lib/rack/multipart.rb
+index 7695fe76..fdae808a 100644
+--- a/lib/rack/multipart.rb
++++ b/lib/rack/multipart.rb
+@@ -18,7 +18,7 @@ module Rack
+ VALUE = /"(?:\\"|[^"])*"|#{TOKEN}/
+ BROKEN = /^#{CONDISP}.*;\s*filename=(#{VALUE})/i
+ MULTIPART_CONTENT_TYPE = /Content-Type: (.*)#{EOL}/ni
+- MULTIPART_CONTENT_DISPOSITION = /Content-Disposition:.*;\s*name=(#{VALUE})/ni
++ MULTIPART_CONTENT_DISPOSITION = /Content-Disposition:[^:]*;\s*name=(#{VALUE})/ni
+ MULTIPART_CONTENT_ID = /Content-ID:\s*([^#{EOL}]*)/ni
+ # Updated definitions from RFC 2231
+ ATTRIBUTE_CHAR = %r{[^ \t\v\n\r)(><@,;:\\"/\[\]?='*%]}
+-- 
+2.25.1
+
diff --git a/rubygem-rack.spec b/rubygem-rack.spec
index 6a69953455dfe92d893026748510b20b0b87a0f2..b61e34d67bc30fc0a0903bc600284c8fbac1a221 100644
--- a/rubygem-rack.spec
+++ b/rubygem-rack.spec
@@ -4,7 +4,7 @@
 Name: rubygem-%{gem_name}
 Version: 2.2.4
 Epoch: 1
-Release: 6
+Release: 7
 Summary: A modular Ruby webserver interface
 License: MIT and BSD
 URL: https://rack.github.io/
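Review bot: The backported patch carries only the one-line change to `MULTIPART_CONTENT_DISPOSITION` in lib/rack/multipart.rb (its own diffstat reports 1 file changed), so no regression test travels with it and the package's %check cannot tell whether the backport actually took effect on 2.2.4; if the upstream fix has an accompanying multipart test, consider carrying it as a second patch so the ReDoS input class is exercised at build time. The regex change itself is the expected mitigation: `[^:]*;` cannot backtrack across the rest of the header line the way `.*;` could when `;\s*name=` is absent, which is what made the old pattern quadratic on crafted input. One adjacent detail worth confirming against the advisory rather than assuming: the `BROKEN` constant two lines above still uses `^#{CONDISP}.*;\s*filename=`, and whether that pattern is reachable under the same conditions is not visible from this hunk.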
@@ -15,6 +15,7 @@ Patch2: Fix-CVE-2024-26141.patch Patch3: Fix-CVE-2024-26146.patch Patch4: Fix-CVE-2024-25126.patch Patch5: Fix-CVE-2022-44570.patch +Patch6: Fix-CVE-2022-44571.patch BuildRequires: ruby(release) rubygems-devel ruby >= 2.2.2 git BuildRequires: memcached rubygem(memcache-client) rubygem(minitest) BuildRequires: rubygem(memcache-client) @@ -103,6 +104,12 @@ popd %doc %{gem_instdir}/contrib %changelog +* Wed Apr 10 2024 zouzhimin - 1:2.2.4-7 +- Type:CVES +- ID:CVE-2022-44571 +- SUG:NA +- DESC:CVE-2022-44571 + * Tue Apr 09 2024 zouzhimin - 1:2.2.4-6 - Type:CVES - ID:CVE-2022-44570
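Review bot: `Patch6: Fix-CVE-2022-44571.patch` is only registered in the header; no %prep hunk is in this diff, so the patch is applied only if %prep already uses `%autosetup`/`%autopatch` (the `git` BuildRequires hints at `%autosetup -S git`, but that line is not visible here). Confirm the patch is actually applied in %prep — if the spec uses explicit `%patchN` lines, a matching `%patch6 -p1` is needed or the release bump ships without the fix. The changelog entry's `DESC:CVE-2022-44571` repeats the ID line; a short phrase taken from the patch subject, `DESC:fix ReDoS in multipart Content-Disposition parsing`, would tell readers what changed without opening the patch.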