diff --git a/0001-free-vncRec-memory-in-rfbClientCleanup.patch b/0001-free-vncRec-memory-in-rfbClientCleanup.patch
new file mode 100644
index 0000000000000000000000000000000000000000..6e096af28a7d36a175eefffe87b05f4c9fcc21cc
--- /dev/null
+++ b/0001-free-vncRec-memory-in-rfbClientCleanup.patch
@@ -0,0 +1,12 @@
+diff -up libvncserver-LibVNCServer-0.9.13/libvncclient/vncviewer.c.orig libvncserver-LibVNCServer-0.9.13/libvncclient/vncviewer.c
+--- libvncserver-LibVNCServer-0.9.13/libvncclient/vncviewer.c.orig	2022-09-28 12:45:54.343732226 +0800
++++ libvncserver-LibVNCServer-0.9.13/libvncclient/vncviewer.c	2022-09-28 12:46:47.518913917 +0800
+@@ -534,6 +534,8 @@ void rfbClientCleanup(rfbClient* client)
+     client->clientData = next;
+   }
+ 
++  free(client->vncRec);
++
+   if (client->sock != RFB_INVALID_SOCKET)
+     rfbCloseSocket(client->sock);
+   if (client->listenSock != RFB_INVALID_SOCKET)
diff --git a/libvncserver.spec b/libvncserver.spec
index c41c56434458a5c9c832c4e11f1f2d50c2056a87..8881093cb83eaf504776ce330075d289a5fa7307 100644
--- a/libvncserver.spec
+++ b/libvncserver.spec
@@ -1,7 +1,7 @@
 Summary:    A library for easy implementation of a VNC server
 Name:       libvncserver
 Version:    0.9.13
-Release:    2
+Release:    3
 License:    GPLv2+
 URL:        http://libvnc.github.io/
 Source0:    https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz
@@ -10,6 +10,7 @@ Patch11: 0002-libvncserver-Add-channel-security-handlers.patch
 Patch12: 0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch
 Patch13: 0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch
 Patch14: 0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch
+Patch15: 0001-free-vncRec-memory-in-rfbClientCleanup.patch
 Patch102: libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch
 
 BuildRequires:  gcc-c++ cmake3 pkgconfig(gnutls) pkgconfig(sdl2) pkgconfig(libsystemd) pkgconfig(x11)
@@ -75,6 +76,10 @@ done
 %{_libdir}/pkgconfig/libvncserver.pc
 
 %changelog
+* Wed Sep 28 2022 lin zhang <lin.zhang@turbolinux.com.cn> - 0.9.13-3
+- fix-CVE-2020-29260
+- add 0001-free-vncRec-memory-in-rfbClientCleanup.patch 
+
 * Mon Jun 20 2022 lin zhang <lin.zhang@turbolinux.com.cn> - 0.9.13-2
 - add libvncserver.yaml