diff --git a/dist b/dist
new file mode 100644
index 0000000000000000000000000000000000000000..9c0e36ec42a2d9bfefacb21ac6354c9ddd910533
--- /dev/null
+++ b/dist
@@ -0,0 +1 @@
+an8
diff --git a/download b/download
new file mode 100644
index 0000000000000000000000000000000000000000..68435e2007563d4713083e9bc7cda7cb090e479e
--- /dev/null
+++ b/download
@@ -0,0 +1 @@
+7f06272651f0c2292c1d0ba353386782  wavpack-5.1.0.tar.bz2
diff --git a/wavpack-0011-issue-110-sanitize-DSD-file-types.patch b/wavpack-0011-issue-110-sanitize-DSD-file-types.patch
new file mode 100644
index 0000000000000000000000000000000000000000..e71c22b1d5312c43c63f4ba5516f5e9e1f08746c
--- /dev/null
+++ b/wavpack-0011-issue-110-sanitize-DSD-file-types.patch
@@ -0,0 +1,35 @@
+commit 3915cf88c0cf2cf9806d7323071c9b856b6dc52b
+Author: Tomas Korbar <tkorbar@redhat.com>
+Date:   Tue May 17 18:11:33 2022 +0200
+
+    Fix CVE-2021-44269
+
+diff --git a/cli/dsdiff.c b/cli/dsdiff.c
+index 62d8a0c..fa69e32 100644
+--- a/cli/dsdiff.c
++++ b/cli/dsdiff.c
+@@ -284,6 +284,12 @@ int ParseDsdiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa
+                 return WAVPACK_SOFT_ERROR;
+             }
+             total_samples = dff_chunk_header.ckDataSize / config->num_channels;
++            
++            if (total_samples <= 0 || total_samples > MAX_WAVPACK_SAMPLES) {
++                error_line ("%s is not a valid .DFF file!", infilename);
++                return WAVPACK_SOFT_ERROR;
++            }
++
+             break;
+         }
+         else {          // just copy unknown chunks to output file
+diff --git a/cli/dsf.c b/cli/dsf.c
+index cd82ae9..fd6b2a5 100644
+--- a/cli/dsf.c
++++ b/cli/dsf.c
+@@ -121,6 +121,7 @@ int ParseDsfHeaderConfig (FILE *infile, char *infilename, char *fourcc, WavpackC
+ 
+     if (format_chunk.ckSize != sizeof (DSFFormatChunk) || format_chunk.formatVersion != 1 ||
+         format_chunk.formatID != 0 || format_chunk.blockSize != DSF_BLOCKSIZE || format_chunk.reserved ||
++        format_chunk.sampleCount <= 0 || format_chunk.sampleCount > MAX_WAVPACK_SAMPLES * 8 ||
+         (format_chunk.bitsPerSample != 1 && format_chunk.bitsPerSample != 8) ||
+         format_chunk.chanType < 1 || format_chunk.chanType > NUM_CHAN_TYPES) {
+             error_line ("%s is not a valid .DSF file!", infilename);
diff --git a/wavpack-5.1.0.tar.bz2 b/wavpack-5.1.0.tar.bz2
deleted file mode 100644
index f66ee613e204c4123b47e7f9235bc0a0be63e530..0000000000000000000000000000000000000000
Binary files a/wavpack-5.1.0.tar.bz2 and /dev/null differ
diff --git a/wavpack.spec b/wavpack.spec
index 9bc060246f4385d737212af121e70db18f1d8eff..d3ae267cee4dd99b625e50d9f93bc2d9c4ae7959 100644
--- a/wavpack.spec
+++ b/wavpack.spec
@@ -1,8 +1,7 @@
-%define anolis_release .0.1
 Name:		wavpack
 Summary:	A completely open audiocodec
 Version:	5.1.0
-Release:	15%{anolis_release}%{?dist}
+Release:	16%{?dist}
 License:	BSD
 Group:		Applications/Multimedia
 Url:		http://www.wavpack.com/
@@ -17,14 +16,13 @@ Patch7:		wavpack-0007-issue-53-error-out-on-zero-sample-rate.patch
 Patch8:		wavpack-0008-issue-65-67-fortify-dsdiff-file-parsing.patch
 Patch9:		wavpack-0009-issue-66-make-sure-CAF-files-have-a-desc-chunk.patch
 Patch10:	wavpack-0010-issue-54-fix-potential-out-of-bounds-heap-read.patch
+Patch11:	wavpack-0011-issue-110-sanitize-DSD-file-types.patch
+
 # For autoreconf
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  libtool
 
-Requires:       glibc
-Provides:       /usr/bin/wavpack
-
 %description
 WavPack is a completely open audio compression format providing lossless,
 high-quality lossy, and a unique hybrid compression mode. Although the
@@ -41,15 +39,6 @@ Requires:	pkgconfig
 %description devel
 Files needed for developing apps using wavpack
 
-%package doc
-Summary: Documents for %{name}
-BuildArch: noarch
-Requires: %{name} = %{version}-%{release}
-
-
-%description  doc
-Doc pages for %{name}
-
 %prep
 %autosetup -p1
 
@@ -74,6 +63,7 @@ rm -f %{buildroot}/%{_libdir}/*.la
 %{_mandir}/man1/wvgain.1*
 %{_mandir}/man1/wvunpack.1*
 %{_mandir}/man1/wvtag.1.*
+%doc AUTHORS COPYING
 
 %files devel
 %{_includedir}/*
@@ -81,12 +71,10 @@ rm -f %{buildroot}/%{_libdir}/*.la
 %{_libdir}/libwavpack.so
 %doc ChangeLog README
 
-%files doc
-%doc AUTHORS COPYING
-
 %changelog
-* Fri Jul 15 2022 Chang Gao <taifu.gc@alibaba-inc.com> - 5.1.0-15.0.1
-- Add doc sub package
+* Tue May 17 2022 Tomas Korbar <tkorbar@redhat.com> - 5.1.0-16
+- CVE-2021-44269 wavpack: heap Out-of-bounds Read
+- Resolves: CVE-2021-44269
 
 * Fri Oct 04 2019 Tomas Korbar <tkorbar@redhat.com> - 5.1.0-15
 - fix Out-of-bounds read in WavpackVerifySingleBlock function (#1663151)