diff --git a/CVE-2021-32142.patch b/CVE-2021-32142.patch
new file mode 100644
index 0000000000000000000000000000000000000000..b5b3d3a67dcba4850e57b2b2b90ab1e55c00eef4
--- /dev/null
+++ b/CVE-2021-32142.patch
@@ -0,0 +1,37 @@
+From bc3aaf4223fdb70d52d470dae65c5a7923ea2a49 Mon Sep 17 00:00:00 2001
+From: Alex Tutubalin <lexa@lexa.ru>
+Date: Mon, 12 Apr 2021 13:21:52 +0300
+Subject: [PATCH] check for input buffer size on datastream::gets
+
+---
+ src/libraw_datastream.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/libraw_datastream.cpp b/src/libraw_datastream.cpp
+index a5c1a84a..a31ae9dd 100644
+--- a/src/libraw_datastream.cpp
++++ b/src/libraw_datastream.cpp
+@@ -287,6 +287,7 @@ INT64 LibRaw_file_datastream::tell()
+ 
+ char *LibRaw_file_datastream::gets(char *str, int sz)
+ {
++  if(sz<1) return NULL;
+   LR_STREAM_CHK();
+   std::istream is(f.get());
+   is.getline(str, sz);
+@@ -421,6 +422,7 @@ INT64 LibRaw_buffer_datastream::tell()
+ 
+ char *LibRaw_buffer_datastream::gets(char *s, int sz)
+ {
++  if(sz<1) return NULL;
+   unsigned char *psrc, *pdest, *str;
+   str = (unsigned char *)s;
+   psrc = buf + streampos;
+@@ -618,6 +620,7 @@ INT64 LibRaw_bigfile_datastream::tell()
+ 
+ char *LibRaw_bigfile_datastream::gets(char *str, int sz)
+ {
++  if(sz<1) return NULL;
+   LR_BF_CHK();
+   return fgets(str, sz, f);
+ }
diff --git a/LibRaw.spec b/LibRaw.spec
index 5b90845f1ca756aec815ee42894868f42841b938..1b18742f4c8a8caa562b4aa6f9d0b63fce056788 100644
--- a/LibRaw.spec
+++ b/LibRaw.spec
@@ -1,6 +1,6 @@
 Name:          LibRaw
 Version:       0.20.2
-Release:       6
+Release:       7
 Summary:       Library for reading RAW files obtained from digital photo cameras
 License:       BSD and (CDDL-1.0 or LGPLv2)
 URL:           http://www.libraw.org
@@ -11,6 +11,8 @@ Patch0002:     fix-use-of-uninitialized-value.patch
 Patch0003:     fix-use-of-uninitialized-value-in-makernotes.patch
 Patch0004:     fix-use-of-uninitialized-value-in-misc_parsers.patch
 Patch0005:     CVE-2023-1729.patch
+# https://github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49
+Patch0006:     CVE-2021-32142.patch
 BuildRequires: gcc-c++ pkgconfig(lcms2) pkgconfig(libjpeg)
 BuildRequires: autoconf automake libtool
 Provides:      bundled(dcraw) = 9.25
@@ -71,6 +73,9 @@ rm -rfv samples/.deps samples/.dirstamp samples/*.o
 %exclude %{_docdir}/libraw/*
 
 %changelog
+* Tue Mar 26 2024 yaoxin <yao_xin001@hoperun.com> - 0.20.2-7
+- Fix CVE-2021-32142
+
 * Mon May 15 2023 yaoxin <yao_xin001@hoperun.com> - 0.20.2-6
 - Fix CVE-2023-1729