diff --git a/backport-CVE-2020-17525.patch b/backport-CVE-2020-17525.patch
new file mode 100644
index 0000000000000000000000000000000000000000..7bdf0b0d629ca8815bb0eedcd4b13dd994bed640
--- /dev/null
+++ b/backport-CVE-2020-17525.patch
@@ -0,0 +1,26 @@
+From: Stefan Sperling <stsp@apache.org>
+Date: Fri, 29 Jan 2021 13:17:15 +0000
+Subject: Fix a potential NULL dereference in the config file parser.
+
+* subversion/libsvn_repos/config_file.c
+   (get_repos_config): svn_repos_find_root_path() may return NULL.
+   Check the return value accordingly.
+---
+ subversion/libsvn_repos/config_file.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/subversion/libsvn_repos/config_file.c b/subversion/libsvn_repos/config_file.c
+index 9187277..2414db9 100644
+--- a/subversion/libsvn_repos/config_file.c
++++ b/subversion/libsvn_repos/config_file.c
+@@ -237,6 +237,10 @@ get_repos_config(svn_stream_t **stream,
+     {
+       /* Search for a repository in the full path. */
+       repos_root_dirent = svn_repos_find_root_path(dirent, scratch_pool);
++      if (repos_root_dirent == NULL)
++        return svn_error_trace(handle_missing_file(stream, checksum, access,
++                                                   url, must_exist,
++                                                   svn_node_none));
+ 
+       /* Attempt to open a repository at repos_root_dirent. */
+       SVN_ERR(svn_repos_open3(&access->repos, repos_root_dirent, NULL,
diff --git a/subversion.spec b/subversion.spec
index 9db0684f207f862c409687bc5ecfea7ecb62a25b..e4083b44a9068d297570e2ebcf1bf4106120853e 100644
--- a/subversion.spec
+++ b/subversion.spec
@@ -10,12 +10,14 @@
 Summary: Subversion, a version control system.
 Name: subversion
 Version: 1.14.0
-Release: 1
+Release: 2
 License: ASL 2.0
 URL: https://subversion.apache.org/
 
 Source0: https://www.apache.org/dist/subversion/subversion-%{version}.tar.bz2
 
+Patch1: backport-CVE-2020-17525.patch
+
 BuildRequires: autoconf libtool texinfo which swig gettext libdb-devel apr-devel apr-util-devel libserf-devel cyrus-sasl-devel sqlite-devel file-devel utf8proc-devel lz4-devel apr-util-openssl dbus-devel, libsecret-devel httpd-devel git
 Requires: httpd
 
@@ -310,6 +312,12 @@ make check-javahl
 %endif
 
 %changelog
+* Mon Feb 22 2021 yixiangzhike<zhangxingliang3@huawei.com> - 1.14.0-2
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:Fix CVE-2020-17525
+
 * Sat Aug 1 2020 yang_zhuang_zhuang<yangzhuangzhuang1@huawei.com> - 1.14.0-1
 - Type:enhancement
 - ID:NA