diff --git a/backport-CVE-2023-3341.patch b/backport-CVE-2023-3341.patch index c9899cc98da494fec7b2e03ebc70e929111c67ab..e6ed27f4189aea8142f94d9a1b91978ff26d1464 100644 --- a/backport-CVE-2023-3341.patch +++ b/backport-CVE-2023-3341.patch @@ -5,15 +5,15 @@ Subject: [PATCH] Limit isccc_cc_fromwire recursion depth Named and rndc do not need a lot of recursion so the depth is set to 10. - + --- - lib/isccc/cc.c | 39 ++++++++++++++++++++++++-------- + lib/isccc/cc.c | 41 +++++++++++++++++++++++--------- lib/isccc/include/isccc/result.h | 4 +++- lib/isccc/result.c | 4 +++- - 3 files changed, 35 insertions(+), 12 deletions(-) - + 3 files changed, 36 insertions(+), 13 deletions(-) + diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c -index c314d76..8299fb9 100644 +index c314d76..54ff3c6 100644 --- a/lib/isccc/cc.c +++ b/lib/isccc/cc.c @@ -54,6 +54,11 @@ @@ -90,6 +90,15 @@ index c314d76..8299fb9 100644 checksum_rstart = NULL; first_tag = true; alist = isccc_alist_create(); +@@ -640,7 +654,7 @@ table_fromwire(isccc_region_t *source, isccc_region_t *secret, + GET_MEM(key, len, source->rstart); + key[len] = '\0'; /* Ensure NUL termination. */ + value = NULL; +- result = value_fromwire(source, &value); ++ result = value_fromwire(source, depth + 1, &value); + if (result != ISC_R_SUCCESS) + goto bad; + if (isccc_alist_define(alist, key, value) == NULL) { @@ -673,14 +687,19 @@ table_fromwire(isccc_region_t *source, isccc_region_t *secret, } @@ -160,5 +169,4 @@ index 75f5ade..7d88fbc 100644 #define ISCCC_RESULT_RESULTSET 2 -- -2.33.0 - +2.27.0 diff --git a/bind.spec b/bind.spec index 72281517cbe3507900893542181f10d650496da5..8685f180f2bd70e5102ec0b866f3bf101d71f5f1 100644 --- a/bind.spec +++ b/bind.spec @@ -19,7 +19,7 @@ Name: bind Summary: Domain Name System (DNS) Server (named) License: MPLv2.0 Version: 9.11.21 -Release: 17 +Release: 18 Epoch: 32 Url: http://www.isc.org/products/BIND/ Source0: https://ftp.isc.org/isc/bind9/9.11.21/bind-%{version}.tar.gz 
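Review bot: The inner hunk added at `@@ -640,7 +654,7 @@ table_fromwire` changes the call to `value_fromwire(source, depth + 1, &value)`, but the patch header still carries only the upstream subject and says nothing about why the backport was revised. I would add a line to the patch description such as `Backport note: table_fromwire() passes depth + 1 to value_fromwire(); the first revision of this backport omitted this call site.` Only a few lines of table_fromwire are visible here, and both the depth check and the other callers of value_fromwire() lie outside this hunk. Before merging, it is worth confirming that every remaining call site passes `depth + 1`, since a caller that does not would leave nesting through that path uncounted against the limit of 10.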
@@ -526,6 +526,7 @@ cp -a %{SOURCE29} lib/dns/tests/testdata/dstrandom/random.data %patch6067 -p1 %patch6068 -p1 %patch6069 -p1 +%patch6070 -p1 %patch199 -p1 @@ -1310,6 +1311,12 @@ rm -rf ${RPM_BUILD_ROOT} %changelog +* Tue Sep 26 2023 zhanghao - 32:9.11.21-18 +- Type:CVE +- ID:CVE-2023-3341 +- SUG:NA +- DESC:update CVE-2023-3341 patch + * Sat Sep 23 2023 zhanghao - 32:9.11.21-17 - Type:CVE - ID:CVE-2023-3341
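Review bot: `%patch6070 -p1` is first added to the patch list in the `@@ -526,6 +526,7 @@` hunk, yet the existing 32:9.11.21-17 changelog entry already lists CVE-2023-3341. The Patch6070 declaration is outside this diff; if it refers to backport-CVE-2023-3341.patch, release 17 appears to have been built without the fix applied. The new entry's `- DESC:update CVE-2023-3341 patch` does not say so, which leaves anyone tracking -17 with no signal that it should still be treated as affected. I would word it as `- DESC:apply CVE-2023-3341 patch (not applied in -17) and pass depth in table_fromwire`.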