diff --git a/CVE-2023-38403.patch b/CVE-2023-38403.patch
deleted file mode 100644
index 8665a4d3199f988ca89e5ea9b05e917516223f52..0000000000000000000000000000000000000000
--- a/CVE-2023-38403.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 0ef151550d96cc4460f98832df84b4a1e87c65e9 Mon Sep 17 00:00:00 2001
-From: "Bruce A. Mah"
-Date: Fri, 7 Jul 2023 11:35:02 -0700
-Subject: [PATCH] Fix memory allocation hazard (#1542). (#1543)
-
-Reported by: @someusername123 on GitHub
----
- src/iperf_api.c | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/src/iperf_api.c b/src/iperf_api.c
-index f2d416214..a95e02418 100644
---- a/src/iperf_api.c
-+++ b/src/iperf_api.c
-@@ -2670,6 +2670,7 @@ static cJSON *
- JSON_read(int fd)
- {
- uint32_t hsize, nsize;
-+ size_t strsize;
- char *str;
- cJSON *json = NULL;
- int rc;
-@@ -2682,7 +2683,9 @@ JSON_read(int fd)
- if (Nread(fd, (char*) &nsize, sizeof(nsize), Ptcp) >= 0) {
- hsize = ntohl(nsize);
- /* Allocate a buffer to hold the JSON */
-- str = (char *) calloc(sizeof(char), hsize+1); /* +1 for trailing null */
-+ strsize = hsize + 1; /* +1 for trailing NULL */
-+ if (strsize) {
-+ str = (char *) calloc(sizeof(char), strsize);
- if (str != NULL) {
- rc = Nread(fd, str, hsize, Ptcp);
- if (rc >= 0) {
-@@ -2701,6 +2704,10 @@ JSON_read(int fd)
- }
- }
- free(str);
-+ }
-+ else {
-+ printf("WARNING: Data length overflow\n");
-+ }
- }
- return json;
- }
diff --git a/iperf-3.16.tar.gz b/iperf-3.16.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..3320ee949dc47da69880cdad0d143caaf2d7c100
Binary files /dev/null and b/iperf-3.16.tar.gz differ
diff --git a/iperf-3.6.tar.gz b/iperf-3.6.tar.gz
deleted file mode 100644
index bfbab343fa791307f31f536c21dc85ab4b296eba..0000000000000000000000000000000000000000
Binary files a/iperf-3.6.tar.gz and /dev/null differ
diff --git a/iperf3.spec b/iperf3.spec
index 84223f4af820e199c192d52e1b75a69a683e2341..e5cfef1c765121c175447152147e9596bd3654f4 100644
--- a/iperf3.spec +++ b/iperf3.spec @@ -1,11 +1,10 @@ Name: iperf3 -Version: 3.6 -Release: 6 +Version: 3.16 +Release: 1 Summary: TCP,UDP,and SCTP network bandwidth measurement tool License: BSD URL: http://github.com/esnet/iperf -Source0: http://downloads.es.net/pub/iperf/iperf-%{version}.tar.gz -Patch0: CVE-2023-38403.patch +Source0: https://github.com/esnet/iperf/archive/%{version}/iperf-%{version}.tar.gz BuildRequires: libuuid-devel gcc Requires: %{name}-help = %{version}-%{release} @@ -39,7 +38,7 @@ mkdir -p %{buildroot}%{_mandir}/man1 %files %defattr(-,root,root) -%doc README.md RELEASE_NOTES +%doc README.md RELNOTES.md %license LICENSE _esnet/LICENSE %{_bindir}/iperf3 %{_libdir}/*.so.* @@ -55,6 +54,9 @@ mkdir -p %{buildroot}%{_mandir}/man1 %{_mandir}/man3/libiperf.3.gz %changelog +* Tue Apr 02 2024 yaoxin - 3.16-1 +- Upgrade to 3.16 for fix CVE-2023-7250 + * Mon Aug 07 2023 yaoxin - 3.6-6 - Fix CVE-2023-38403
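Review bot: Dropping `Patch0: CVE-2023-38403.patch` in the first spec hunk is not recorded anywhere: the new `%changelog` entry names only CVE-2023-7250, so a later audit cannot tell from the spec whether the `JSON_read` length-overflow fix was confirmed to be in the 3.16 source or simply lost. I would add a changelog line such as `- Remove CVE-2023-38403.patch, already included in 3.16`, after checking that the `strsize` guard from the deleted patch is present in the new tarball's `src/iperf_api.c`. The same hunk moves `Source0` from the downloads.es.net release tarball to a GitHub tag archive, which is presumably not byte-identical to the upstream release file, so the committed `iperf-3.16.tar.gz` should be compared against whatever digest upstream publishes for that archive. The unchanged `URL:` line still uses `http://`.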