diff --git a/bugfix-iBMC-clear-sensitive-data.patch b/bugfix-iBMC-clear-sensitive-data.patch
new file mode 100644
index 0000000000000000000000000000000000000000..e94415076e905fc9286f5c3fc29bdfcb6b2bb8c3
--- /dev/null
+++ b/bugfix-iBMC-clear-sensitive-data.patch
@@ -0,0 +1,96 @@
+From 67cee387bf99f33f510cad646941e9e9cd81966f Mon Sep 17 00:00:00 2001
+From: yuanquanzheng <yuanquanzheng1@huawei.com>
+Date: Tue, 11 Apr 2023 15:45:57 +0800
+Subject: [PATCH] iBMC: clear sensitive data
+
+---
+ json-c.sym    |  4 ++++
+ json_object.c | 39 +++++++++++++++++++++++++++++++++++++++
+ json_object.h |  8 ++++++++
+ 3 files changed, 51 insertions(+)
+
+diff --git a/json-c.sym b/json-c.sym
+index 2dedc6e..b9a53ab 100644
+--- a/json-c.sym
++++ b/json-c.sym
+@@ -162,6 +162,10 @@ JSONC_0.15 {
+     array_list_shrink;
+     json_object_array_shrink;
+     json_object_new_array_ext;
++#if defined(CONFIG_COMPUTING_IBMC_CLEARSENDATA)
++    json_object_clear_string;
++    json_string_clear;
++#endif
+ } JSONC_0.14;
+ 
+ JSONC_0.16 {
+diff --git a/json_object.c b/json_object.c
+index 581b1e2..5888d62 100644
+--- a/json_object.c
++++ b/json_object.c
+@@ -1813,3 +1813,42 @@ static void json_abort(const char *message)
+ 		fprintf(stderr, "json-c aborts with error: %s\n", message);
+ 	abort();
+ }
++
++#if defined(CONFIG_COMPUTING_IBMC_CLEARSENDATA)
++void json_object_clear_string(json_object *jso, const char *prop_name)
++{
++	struct json_object *val_jso = NULL;
++
++	if (jso == NULL || json_object_get_type(jso) != json_type_object || prop_name == NULL) {
++		return;
++	}
++
++	(void)json_object_object_get_ex(jso, prop_name, &val_jso);
++	json_string_clear(val_jso);
++
++	return;
++}
++
++void json_string_clear(json_object *jso)
++{
++	int len;
++
++	if (jso == NULL || json_object_get_type(jso) != json_type_string) {
++		return;
++	}
++
++	len = ((struct json_object_string *)jso)->len;
++	if (len == 0) {
++		return;
++	}
++
++	if (len < 0) {
++		(void)memset(((struct json_object_string *)jso)->c_string.pdata, 0, -len);
++	}
++	else {
++		(void)memset(((struct json_object_string *)jso)->c_string.idata, 0, len);
++	}
++
++	return;
++}
++#endif
+\ No newline at end of file
+diff --git a/json_object.h b/json_object.h
+index e22392f..ac6c5dc 100644
+--- a/json_object.h
++++ b/json_object.h
+@@ -1070,6 +1070,14 @@ JSON_EXPORT json_c_shallow_copy_fn json_c_shallow_copy_default;
+ 
+ JSON_EXPORT int json_object_deep_copy(struct json_object *src, struct json_object **dst,
+                                       json_c_shallow_copy_fn *shallow_copy);
++
++ 
++#if defined(CONFIG_COMPUTING_IBMC_CLEARSENDATA)
++JSON_EXPORT void json_object_clear_string(json_object *jso, const char *prop_name);
++ 
++JSON_EXPORT void json_string_clear(json_object *jso);
++#endif
++
+ #ifdef __cplusplus
+ }
+ #endif
+-- 
+2.27.0
+
diff --git a/json-c.spec b/json-c.spec
index 0014398835735550e57078ab598bb92d493df3c0..0431f550bbd7b6065a8c7ef56d72776bb2ffdfba 100644
--- a/json-c.spec
+++ b/json-c.spec
@@ -6,7 +6,7 @@
 
 Name:           json-c
 Version:        0.16
-Release:        3
+Release:        4
 Summary:        JSON implementation in C
 
 License:        MIT
@@ -20,6 +20,8 @@ Patch6002:      backport-Fix-memory-leak-with-emtpy-strings-in-json_object_set_s
 Patch6003:      backport-json_object_from_fd_ex-fail-if-file-is-too-large.patch
 Patch6004:      backport-Explicitly-check-for-integer-overflow-when-parsing.patch
 
+Patch9001:      bugfix-iBMC-clear-sensitive-data.patch
+
 %description
 JSON-C implements a reference counting object model that allows you
 to easily construct JSON objects in C, output them as JSON formatted
@@ -106,6 +108,12 @@ end
 %doc %{_pkgdocdir}
 
 %changelog
+* Sat Jun 17 2023 sunhai <sunhai10@huawei.com> - 0.16-4
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC: iBMC: clear sensitive data
+
 * Fri Apr 21 2023 zhangrui <zhangrui182@huawei.com> - 0.16-3
 - backport patch to fix integer overflow