diff --git a/0001-Backport-fix-CVE-2024-1013.patch b/0001-Backport-fix-CVE-2024-1013.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8c87b80d36a2d7ab650dc497f2b6d138eb1b9467
--- /dev/null
+++ b/0001-Backport-fix-CVE-2024-1013.patch
@@ -0,0 +1,47 @@
+From 8636447fb03559648af6f8dd8ee43d26699f59f0 Mon Sep 17 00:00:00 2001
+From: hanqiudan
+Date: Sat, 23 Mar 2024 11:00:55 +0800
+Subject: [PATCH] [Backport] fix CVE-2024-1013
+
+Offering:EulerOS Server
+CVE:CVE-2024-1013
+Reference:https://github.com/lurcher/unixODBC/commit/45f501e1be2db6b017cc242c79bfb9de32b332a1
+Type:CVE
+reason:fix CVE-2024-1013
+---
+ Drivers/Postgre7.1/info.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/Drivers/Postgre7.1/info.c b/Drivers/Postgre7.1/info.c
+index 63ac91f..2216ecd 100755
+--- a/Drivers/Postgre7.1/info.c
++++ b/Drivers/Postgre7.1/info.c
+@@ -1779,14 +1779,14 @@ char *table_name;
+ char index_name[MAX_INFO_STRING];
+ short fields_vector[8];
+ char isunique[10], isclustered[10];
+-SDWORD index_name_len, fields_vector_len;
++SQLLEN index_name_len, fields_vector_len;
+ TupleNode *row;
+ int i;
+ HSTMT hcol_stmt;
+ StatementClass *col_stmt, *indx_stmt;
+ char column_name[MAX_INFO_STRING], relhasrules[MAX_INFO_STRING];
+ char **column_names = 0;
+-Int4 column_name_len;
++SQLLEN column_name_len;
+ int total_columns = 0;
+ char error = TRUE;
+ ConnInfo *ci;
+@@ -2136,7 +2136,7 @@ HSTMT htbl_stmt;
+ StatementClass *tbl_stmt;
+ char tables_query[STD_STATEMENT_LEN];
+ char attname[MAX_INFO_STRING];
+-SDWORD attname_len;
++SQLLEN attname_len;
+ char pktab[MAX_TABLE_LEN + 1];
+ Int2 result_cols;
+
+--
+2.23.0
+
diff --git a/unixODBC.spec b/unixODBC.spec
index 3f615f5451c39b6a5386c490ad31d4ec3d6257c1..c23570ed9f3ecdda6d6d71bc5b69f9a1f61acc78 100644
--- a/unixODBC.spec
+++ b/unixODBC.spec
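Review bot: The backported patch widens only `index_name_len`, `fields_vector_len`, `column_name_len` and `attname_len`, in two declaration blocks of Drivers/Postgre7.1/info.c, and the calls that take the addresses of these variables lie outside both hunks, so the diff alone cannot show that every length indicator is covered. Presumably these are passed to a column-binding call that stores a full `SQLLEN` through the pointer, which a 4-byte `SDWORD` or `Int4` cannot hold on a 64-bit build. Before relying on this backport, confirm that no other `SDWORD` or `Int4` variable in the same driver is still handed to such a call as its length-indicator argument. Nothing in the new declarations records why the type matters, so I would add a comment above each group such as `/* must be SQLLEN: the bind call writes sizeof(SQLLEN) bytes through this pointer */` to stop a later cleanup from narrowing them again.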
@@ -1,6 +1,6 @@
 Name: unixODBC
 Version: 2.3.7
-Release: 3
+Release: 3-h1
 Summary: Open-source project that implements the ODBC API
 License: GPLv2+ and LGPLv2+
 URL: http://www.unixODBC.org/
@@ -9,6 +9,7 @@ Source1: odbcinst.ini
 Patch0000: so-version-bump.patch
 Patch0001: keep-typedefs.patch
 Patch0002: fix_leaks.patch
+Patch0003: 0001-Backport-fix-CVE-2024-1013.patch
 Conflicts: iodbc
 BuildRequires: automake autoconf libtool libtool-ltdl-devel bison flex readline-devel
@@ -91,6 +92,9 @@ find doc -name 'Makefile*' | xargs rm
 %exclude %{_datadir}/libtool
 %changelog
+* Sat Mar 23 2024 hanqiudan - 2.3.7-3-h1
+- fix CVE-2024-1013
+
 * Mon Nov 8 2021 Haoran Yang - 2.3.7-3
 - fix some leaks and eliminate duplicated code
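Review bot: `Release: 3-h1` in the first hunk contains a hyphen, which rpm does not allow in the Release tag because `-` separates name, version and release, so the build is expected to stop on an illegal-character error and the CVE fix would not ship. A separator rpm accepts avoids that, for example `Release: 3.h1` with the changelog entry changed to `2.3.7-3.h1`. The second hunk declares `Patch0003`, but the diff carries no change under `%prep`, which lies outside the hunks. If that section lists `%patch` lines one by one rather than using `%autosetup` or `%autopatch`, the patch is declared and never applied. Confirming in the build log that 0001-Backport-fix-CVE-2024-1013.patch is applied settles it.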