diff --git a/CVE-2020-35738.patch b/CVE-2020-35738.patch
new file mode 100644
index 0000000000000000000000000000000000000000..fbbd40ba8bd9d5ab9ec9af827dd8724f40d59f2c
--- /dev/null
+++ b/CVE-2020-35738.patch
@@ -0,0 +1,52 @@
+From 89df160596132e3bd666322e1c20b2ebd4b92cd0 Mon Sep 17 00:00:00 2001
+From: David Bryant
+Date: Tue, 29 Dec 2020 20:47:19 -0800
+Subject: [PATCH] issue #91: fix integer overflows resulting in buffer overruns
+ and sanitize a few more encoding parameters for clarity
+
+---
+ src/pack_utils.c | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/src/pack_utils.c b/src/pack_utils.c
+index 17d9381..480ab90 100644
+--- a/src/pack_utils.c
++++ b/src/pack_utils.c
+@@ -200,8 +200,13 @@ int WavpackSetConfiguration64 (WavpackContext *wpc, WavpackConfig *config, int64
+ return FALSE;
+ }
+
+- if (!num_chans) {
+- strcpy (wpc->error_message, "channel count cannot be zero!");
++ if (num_chans <= 0 || num_chans > NEW_MAX_STREAMS * 2) {
++ strcpy (wpc->error_message, "invalid channel count!");
++ return FALSE;
++ }
++
++ if (config->block_samples && (config->block_samples < 16 || config->block_samples > 131072)) {
++ strcpy (wpc->error_message, "invalid custom block samples!");
+ return FALSE;
+ }
+
+@@ -523,7 +528,7 @@ int WavpackPackInit (WavpackContext *wpc)
+ if (wpc->config.num_channels == 1)
+ wpc->block_samples *= 2;
+
+- while (wpc->block_samples > 12000 && wpc->block_samples * wpc->config.num_channels > 300000)
++ while (wpc->block_samples > 12000 && (int64_t) wpc->block_samples * wpc->config.num_channels > 300000)
+ wpc->block_samples /= 2;
+ }
+ else {
+@@ -534,10 +539,10 @@ int WavpackPackInit (WavpackContext *wpc)
+
+ wpc->block_samples = wpc->config.sample_rate / divisor;
+
+- while (wpc->block_samples > 12000 && wpc->block_samples * wpc->config.num_channels > 75000)
++ while (wpc->block_samples > 12000 && (int64_t) wpc->block_samples * wpc->config.num_channels > 75000)
+ wpc->block_samples /= 2;
+
+- while (wpc->block_samples * wpc->config.num_channels < 20000)
++ while ((int64_t) wpc->block_samples * wpc->config.num_channels < 20000)
+ wpc->block_samples *= 2;
+ }
+
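Review bot: The new range checks in WavpackSetConfiguration64 use bare literals (`16`, `131072`, `NEW_MAX_STREAMS * 2`) and nothing records that they appear to be the bounds the block-size arithmetic in WavpackPackInit relies on. A short comment above them, for example `/* bounds chosen so block_samples * num_channels stays in range in WavpackPackInit() */`, or named constants, would keep a later edit from loosening them unnoticed. Separately, the final loop in the last inner hunk, `while ((int64_t) wpc->block_samples * wpc->config.num_channels < 20000) wpc->block_samples *= 2;`, only terminates if `block_samples` is nonzero after `sample_rate / divisor`. The new `block_samples` check covers only the custom value, and any sample-rate validation is not visible in these hunks, so it is worth confirming that a zero or negative rate is rejected before this point. Both functions start and end outside the hunks shown.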
diff --git a/wavpack.spec b/wavpack.spec index c60874945cb998acd02d1a8ea21980247798cb57..9e5845bb92bb2bee69345558f1debc4b891b647d 100644 --- a/wavpack.spec +++ b/wavpack.spec @@ -1,10 +1,11 @@ Name: wavpack Version: 5.3.0 -Release: 1 +Release: 2 Summary: Hybrid Lossless Wavefile Compressor License: BSD Url: http://www.wavpack.com/ Source: https://github.com/dbry/WavPack/releases/download/%{version}/%{name}-%{version}.tar.xz +Patch0000: CVE-2020-35738.patch BuildRequires: autoconf automake libtool @@ -65,6 +66,9 @@ autoreconf -ivf %{_mandir}/man1/*.1* %changelog +* Thu Mar 4 2021 wangxiao - 5.3.0-2 +- Fix CVE-2020-35738 + * Sat Nov 28 2020 lingsheng - 5.3.0-1 - Update to 5.3.0 - Fix OSS-Fuzz issue 19925 19928 20060 20448