diff --git a/backport-declare-read-only-data-array-const.patch b/backport-declare-read-only-data-array-const.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8b403042a548e717f5cb309ada9dfc69701f7795
--- /dev/null
+++ b/backport-declare-read-only-data-array-const.patch
@@ -0,0 +1,25 @@
+From 4aab3a8817219050ed2701523ca4fc49d9905d59 Mon Sep 17 00:00:00 2001
+From: jiawenhao <jiawenhao@xfusion.com>
+Date: Mon, 21 Apr 2025 16:23:08 +0800
+Subject: [PATCH] declare-read-only-data-array-const
+
+---
+ modules/pam_unix/md5_crypt.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/modules/pam_unix/md5_crypt.c b/modules/pam_unix/md5_crypt.c
+index ed5ecda..ab0a14d 100644
+--- a/modules/pam_unix/md5_crypt.c
++++ b/modules/pam_unix/md5_crypt.c
+@@ -17,7 +17,7 @@
+ #include "md5.h"
+ #include "pam_inline.h"
+ 
+-static unsigned char itoa64[] =	/* 0 ... 63 => ascii - 64 */
++static const unsigned char itoa64[] =	/* 0 ... 63 => ascii - 64 */
+ "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+ 
+ static void to64(char *s, unsigned long v, int n)
+-- 
+2.27.0
+
diff --git a/pam.spec b/pam.spec
index 480987f1e5abea884cd70d2c81944d6c28129a7b..cd08f02573dc784926c7c8356879a622956496e9 100644
--- a/pam.spec
+++ b/pam.spec
@@ -4,7 +4,7 @@
 %define _pamconfdir %{_sysconfdir}/pam.d
 Name: pam
 Version: 1.5.3
-Release: 8
+Release: 9
 Summary: Pluggable Authentication Modules for Linux
 License: BSD and GPLv2+
 URL: http://www.linux-pam.org/
@@ -28,6 +28,7 @@ Patch5: backport-CVE-2024-10963.patch
 Patch6: backport-CVE-2024-10041.patch
 Patch7: backport-CVE-2024-10041-pam_unix-try-to-set-uid-to-0-for-unix_chkpwd.patch
 Patch8: backport-libpam-use-close_range-to-close-file-descriptors.patch
+Patch9: backport-declare-read-only-data-array-const.patch
 
 Patch9000:change-ndbm-to-gdbm.patch
 Patch9001:add-sm3-crypt-support.patch
@@ -182,6 +183,9 @@ make check
 
 
 %changelog
+* Mon Apr 21 2025 jiawenhao <jiawenhao@xfusion.com> - 1.5.3-9
+- declare read-only data array const
+
 * Mon Mar 24 2025 hugel <gengqihu2@h-partners.com> - 1.5.3-8
 - backport patch libpam use close_range() to close file descriptors