diff --git a/backport-fix-broker-Use-MessageDigest.isEqual-when-comparing-.patch b/backport-fix-broker-Use-MessageDigest.isEqual-when-comparing-.patch
new file mode 100644
index 0000000000000000000000000000000000000000..d5064a32f9b816f37473de3ccae88d79f2b444d5
--- /dev/null
+++ b/backport-fix-broker-Use-MessageDigest.isEqual-when-comparing-.patch
@@ -0,0 +1,27 @@
+From 6274fa01a75d74d559bb7e514c970f1fc07d15bc Mon Sep 17 00:00:00 2001
+From: Yiheng Cao <65160922+Crispy-fried-chicken@users.noreply.github.com>
+Date: Fri, 25 Aug 2023 00:41:32 +0800
+Subject: [PATCH] [fix][broker] Use MessageDigest.isEqual when comparing
+ digests (#21061)
+
+(cherry picked from commit c05954e66ff33098aeb848f4bde51613ace7e47e)
+---
+ .../pulsar/broker/authentication/SaslRoleTokenSigner.java | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java b/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java
+index 6ded38132e..9d90cc26ec 100644
+--- a/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java
++++ b/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java
+@@ -76,7 +76,7 @@ public class SaslRoleTokenSigner {
+ String originalSignature = signedStr.substring(index + SIGNATURE.length());
+ String rawValue = signedStr.substring(0, index);
+ String currentSignature = computeSignature(rawValue);
+- if (!originalSignature.equals(currentSignature)) {
++ if (!MessageDigest.isEqual(originalSignature.getBytes(), currentSignature.getBytes())){
+ throw new AuthenticationException("Invalid signature");
+ }
+ return rawValue;
+--
+2.27.0
+
diff --git a/pulsar.spec b/pulsar.spec
index dd2e0c29feb6fac9f4de52b6ae9954d548d5d565..7dd880a2a4db77f3aa0cab05cede6bca5b7d6a8a 100644
--- a/pulsar.spec
+++ b/pulsar.spec
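Review bot: The new comparison calls `originalSignature.getBytes()` and `currentSignature.getBytes()` without a charset, so the bytes handed to `MessageDigest.isEqual` depend on the JVM's platform default encoding (the spec builds against java-1.8.0-openjdk, which has no UTF-8 default); pass an explicit charset, e.g. `if (!MessageDigest.isEqual(originalSignature.getBytes(StandardCharsets.UTF_8), currentSignature.getBytes(StandardCharsets.UTF_8))) {`, which also fixes the `)){` spacing. Both strings are encoded the same way, so the verdict is consistent on any one host, but the explicit charset keeps the check reproducible across deployments. The hunk adds no imports; `MessageDigest` is presumably already imported for `computeSignature`, but `java.nio.charset.StandardCharsets` may need adding — confirm against the file's import block, which is outside the hunk. The enclosing method begins and ends outside the hunk.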
@@ -1,6 +1,6 @@
 %define debug_package %{nil}
 %define pulsar_ver 2.10.4
-%define pkg_ver 19
+%define pkg_ver 20
 %define _prefix /opt/pulsar
 Summary: Cloud-Native, Distributed Messaging and Streaming
 Name: pulsar
@@ -29,6 +29,8 @@ Patch0016: 0016-handle-exception.patch
 Patch0017: 0017-return-earliest-position.patch
 Patch0018: 0018-return-when-AbstractDispatcherSingleActiveConsumer-closed.patch
 Patch0019: 0019-clean-inactive-bundle.patch
+Patch0020: backport-fix-broker-Use-MessageDigest.isEqual-when-comparing-.patch
+
 BuildRoot: /root/rpmbuild/BUILDROOT/
 BuildRequires: java-1.8.0-openjdk-devel,maven,systemd
 Requires: java-1.8.0-openjdk,systemd
@@ -60,6 +62,7 @@ Pulsar is a distributed pub-sub messaging platform with a very flexible messagin
 %patch0017 -p1
 %patch0018 -p1
 %patch0019 -p1
+%patch0020 -p1
 
 %build
 mvn clean install -Pcore-modules,-main -DskipTests
@@ -85,6 +88,8 @@ getent passwd pulsar >/dev/null || useradd -r -g pulsar -d / -s /sbin/nologin pu
 exit 0
 
 %changelog
+* Mon May 27 2024 wangziliang - 2.10.4-20
+- resolve CVE-2023-51437
 * Fri Dec 8 2023 Dapeng Sun - 2.10.4-19
 - clean inactive bundle from bundleData in loadData and bundlesCache
 * Fri Dec 8 2023 Dapeng Sun - 2.10.4-18
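Review bot: The new `Patch0020` entry breaks the `NNNN-description.patch` naming used by Patch0016–Patch0019 and introduces a stray blank line between the patch list and `BuildRoot`; renaming the file to something like `0020-use-MessageDigest-isEqual.patch` (constructed example) and dropping the added blank line would keep the header block uniform. The changelog entry names only the CVE; adding the upstream reference already present in the patch, e.g. `- resolve CVE-2023-51437 (backport of apache/pulsar #21061)`, makes the fix traceable without opening the patch file.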