diff --git a/CVE-2025-5683.patch b/CVE-2025-5683.patch
new file mode 100644
index 0000000000000000000000000000000000000000..9e01bcf7669e7a4e7c835181c7006e2d7326ba26
--- /dev/null
+++ b/CVE-2025-5683.patch
@@ -0,0 +1,27 @@
+diff --git a/src/plugins/imageformats/icns/qicnshandler.cpp b/src/plugins/imageformats/icns/qicnshandler.cpp
+index 02086cbf26c..207f7cd8393 100644
+--- a/src/plugins/imageformats/icns/qicnshandler.cpp
++++ b/src/plugins/imageformats/icns/qicnshandler.cpp
+@@ -359,8 +359,11 @@
+
+ static inline bool isBlockHeaderValid(const ICNSBlockHeader &header, quint64 bound = 0)
+ {
+- return header.ostype != 0 && (bound == 0
+- || qBound(quint64(ICNSBlockHeaderSize), quint64(header.length), bound) == header.length);
++ return header.ostype != 0 &&
++ (bound == 0 ||
++ // qBound can be used but requires checking the limits first
++ // this requires less operations
++ (ICNSBlockHeaderSize <= header.length && header.length <= bound));
+ }
+
+ static inline bool isIconCompressed(const ICNSEntry &icon)
+@@ -892,7 +895,7 @@
+ return false;
+
+ const qint64 blockDataOffset = device()->pos();
+- if (!isBlockHeaderValid(blockHeader)) {
++ if (!isBlockHeaderValid(blockHeader, ICNSBlockHeaderSize - blockDataOffset + filelength)) {
+ qWarning("QICNSHandler::scanDevice(): Failed, bad header at pos %s. OSType \"%s\", length %u",
+ QByteArray::number(blockDataOffset).constData(),
+ nameFromOSType(blockHeader.ostype).constData(), blockHeader.length);
diff --git a/qt5-qtimageformats.spec b/qt5-qtimageformats.spec
index c3945f7cdb09c30b6bd90adb86ed5722d8e19682..50817957d579cc5f6bcfc102d88b5d9b2b7ca2d4 100644
--- a/qt5-qtimageformats.spec
+++ b/qt5-qtimageformats.spec
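Review bot: The bound passed at the `scanDevice()` call site is computed in signed arithmetic (`ICNSBlockHeaderSize - blockDataOffset + filelength`, with `blockDataOffset` a `qint64`) and then converted to the `quint64 bound` parameter, so a zero or negative remainder relaxes the check instead of failing it. A result of exactly zero hits the `bound == 0` "no limit" sentinel in `isBlockHeaderValid()`, and a negative result becomes a very large unsigned bound that any `header.length` satisfies. Whether either case is reachable depends on how `filelength` is maintained, which is outside this hunk, but the block lengths come from the file being parsed, so an explicit guard is worth having: `const qint64 remaining = ICNSBlockHeaderSize - blockDataOffset + filelength;` followed by `if (remaining <= 0 || !isBlockHeaderValid(blockHeader, quint64(remaining))) {`. The body of `scanDevice()` starts and ends outside the hunk, and since this file carries an upstream fix the same point may be better raised upstream than patched locally.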
@@ -2,11 +2,13 @@ Name: qt5-qtimageformats Version: 5.11.1 -Release: 7 +Release: 8 Summary: Qtimageformats component of qt5 License: LGPLv2 with exceptions or LGPLv3 with exceptions URL: http://www.qt.io Source0: https://download.qt.io/new_archive/qt/5.11/5.11.1/submodules/qtimageformats-everywhere-src-5.11.1.tar.xz +# https://download.qt.io/official_releases/qt/6.5/CVE-2025-5683-qtimageformats-6.5.patch +Patch0: CVE-2025-5683.patch BuildRequires: qt5-qtbase-devel >= %{version} libmng-devel libtiff-devel libwebp-devel %{?_qt5:Requires: %{_qt5} = %{_qt5_version}} @@ -19,7 +21,7 @@ PNG, JPEG, BMP, GIF and a few more, ref. Reading and Writing Image Files. The Qt provides optional support for other image file formats. %prep -%autosetup -n qtimageformats-everywhere-src-%{version} +%autosetup -n qtimageformats-everywhere-src-%{version} -p1 %build %{qmake_qt5} @@ -34,6 +36,9 @@ make install INSTALL_ROOT=%{buildroot} %{_qt5_libdir}/cmake/Qt5Gui/Qt5Gui_*Plugin.cmake %changelog +* Thu Oct 16 2025 Funda Wang - 5.11.1-8 +- fix CVE-2025-5683 + * Thu Mar 18 2021 maminjie - 5.11.1-7 - Fix syntax error when macro is not defined
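Review bot: The provenance comment above `Patch0:` names the upstream 6.5-series patch while `Source0` is the 5.11.1 tarball, so a reader cannot tell whether `CVE-2025-5683.patch` is the upstream file verbatim or a local adaptation. If it was adapted, saying so in the comment makes a later audit against upstream straightforward, for example `# Backport to 5.11.1 of https://download.qt.io/official_releases/qt/6.5/CVE-2025-5683-qtimageformats-6.5.patch`.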