diff --git a/CVE-2021-23017.patch b/CVE-2021-23017.patch
deleted file mode 100644
index b226f2d734363c40d625a16aee453b6e08aeb7b6..0000000000000000000000000000000000000000
--- a/CVE-2021-23017.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 7199ebc203f74fd9e44595474de6bdc41740c5cf Mon Sep 17 00:00:00 2001
-From: Maxim Dounin <mdounin@mdounin.ru>
-Date: Tue, 25 May 2021 15:17:36 +0300
-Subject: [PATCH] Resolver: fixed off-by-one write in ngx_resolver_copy().
-
-Reported by Luis Merino, Markus Vervier, Eric Sesterhenn, X41 D-Sec GmbH.
----
- src/core/ngx_resolver.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c
-index 7939070102..63b26193df 100644
---- a/src/core/ngx_resolver.c
-+++ b/src/core/ngx_resolver.c
-@@ -4008,15 +4008,15 @@ ngx_resolver_copy(ngx_resolver_t *r, ngx_str_t *name, u_char *buf, u_char *src,
-             n = *src++;
- 
-         } else {
-+            if (dst != name->data) {
-+                *dst++ = '.';
-+            }
-+
-             ngx_strlow(dst, src, n);
-             dst += n;
-             src += n;
- 
-             n = *src++;
--
--            if (n != 0) {
--                *dst++ = '.';
--            }
-         }
- 
-         if (n == 0) {
diff --git a/nginx-1.18.0.tar.gz b/nginx-1.18.0.tar.gz
deleted file mode 100644
index cd4b34fd9dd10b711ac676e7084c93dab3469420..0000000000000000000000000000000000000000
Binary files a/nginx-1.18.0.tar.gz and /dev/null differ
diff --git a/nginx-1.21.5.tar.gz b/nginx-1.21.5.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..207d55ca58ce3176bf02c79d043b5b32dd2a5ac1
Binary files /dev/null and b/nginx-1.21.5.tar.gz differ
diff --git a/nginx.spec b/nginx.spec
index 5f1bf39331d644678f5e389f225eb94480807005..63304ea935211e79098aa974277813cb5b4e5b84 100644
--- a/nginx.spec
+++ b/nginx.spec
@@ -13,8 +13,8 @@
 
 Name:              nginx
 Epoch:             1
-Version:           1.18.0
-Release:           5
+Version:           1.21.5
+Release:           1
 Summary:           A HTTP server, reverse proxy and mail proxy server
 License:           BSD
 URL:               http://nginx.org/
@@ -34,7 +34,6 @@ Source210:         UPGRADE-NOTES-1.6-to-1.10
 Patch0:            nginx-auto-cc-gcc.patch
 Patch1:            nginx-1.12.1-logs-perm.patch
 Patch2:            nginx-fix-pidfile.patch
-Patch3:            CVE-2021-23017.patch
 BuildRequires:     gcc openssl-devel pcre-devel zlib-devel systemd gperftools-devel
 Requires:          nginx-filesystem = %{epoch}:%{version}-%{release} openssl pcre
 Requires:          nginx-all-modules = %{epoch}:%{version}-%{release}        
@@ -346,6 +345,9 @@ fi
 %{_mandir}/man8/nginx.8*
 
 %changelog
+* Sat Jan 15 2022 yaoxin <yaoxin30@huawei.com> - 1:1.21.5-1
+- Upgrade nginx to 1.21.5
+
 * Tue Jun 15 2021 yanglu <yanglu72@huawei.com> - 1:1.18.0-5
 - fix CVE-2021-23017