diff --git a/CVE-2025-2174_CVE-2025-2176_CVE-2025-2177.patch b/CVE-2025-2174_CVE-2025-2175_CVE-2025-2176_CVE-2025-2177.patch
similarity index 100%
rename from CVE-2025-2174_CVE-2025-2176_CVE-2025-2177.patch
rename to CVE-2025-2174_CVE-2025-2175_CVE-2025-2176_CVE-2025-2177.patch
diff --git a/zvbi.spec b/zvbi.spec
index 41844c94b45a0dbb8234606a6afe54c5d525545d..b16d3d2635e72ec9dde165098aa919d6f4f4d165 100644
--- a/zvbi.spec
+++ b/zvbi.spec
@@ -1,6 +1,6 @@
 Name:               zvbi
 Version:            0.2.35
-Release:            9
+Release:            10
 Summary:            A library provides functions to capture and decode VBI data
 License:            LGPLv2+ and GPLv2+ and BSD
 URL:                http://zapping.sourceforge.net/ZVBI/index.html
@@ -9,7 +9,7 @@ Source0:            http://downloads.sourceforge.net/zapping/%{name}-%{version}.
 Patch0001:          %{name}-0.2.24-tvfonts.patch
 Patch0002:          %{name}-0.2.25-openfix.patch
 Patch0003:          CVE-2025-2173.patch
-Patch0004:          CVE-2025-2174_CVE-2025-2176_CVE-2025-2177.patch
+Patch0004:          CVE-2025-2174_CVE-2025-2175_CVE-2025-2176_CVE-2025-2177.patch
 
 BuildRequires:      gcc-c++ doxygen fontconfig gettext >= 0.16.1 libpng-devel
 BuildRequires:      libICE-devel xorg-x11-font-utils systemd-units
@@ -136,6 +136,11 @@ fi
 %{_mandir}/man1/*
 
 %changelog
+* Tue Jul 29 2025 yaoxin <1024769339@qq.com> - 0.2.35-10
+- Fix CVE-2025-2175
+- Rename CVE-2025-2174_CVE-2025-2176_CVE-2025-2177.patch to
+  CVE-2025-2174_CVE-2025-2175_CVE-2025-2176_CVE-2025-2177.patch
+
 * Tue Mar 18 2025 yaoxin <1024769339@qq.com> - 0.2.35-9
 - Fix CVE-2025-2173,CVE-2025-2174,CVE-2025-2176 and CVE-2025-2177