diff --git a/CVE-2016-7051.patch b/CVE-2016-7051.patch
deleted file mode 100644
index 9379a26a233b80fcf6d0a3496c9b2f78d58999dd..0000000000000000000000000000000000000000
--- a/CVE-2016-7051.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From eeff2c312e9d4caa8c9f27b8f740c7529d00524a Mon Sep 17 00:00:00 2001
-From: Tatu Saloranta <tatu.saloranta@iki.fi>
-Date: Mon, 26 Sep 2016 20:11:18 -0700
-Subject: [PATCH] prepare for 2.7.8
-
----
- .../xml/failing/SupportDTDDefaultsTest.java   | 23 +++++++++++++++++++
- 1 files changed, 23 insertions(+)
- create mode 100644 src/test/java/com/fasterxml/jackson/dataformat/xml/failing/SupportDTDDefaultsTest.java
-
-diff --git a/src/test/java/com/fasterxml/jackson/dataformat/xml/failing/SupportDTDDefaultsTest.java b/src/test/java/com/fasterxml/jackson/dataformat/xml/failing/SupportDTDDefaultsTest.java
-new file mode 100644
-index 00000000..b28c68c0
---- /dev/null
-+++ b/src/test/java/com/fasterxml/jackson/dataformat/xml/failing/SupportDTDDefaultsTest.java
-@@ -0,0 +1,23 @@
-+package com.fasterxml.jackson.dataformat.xml.failing;
-+
-+import java.util.Map;
-+
-+import com.fasterxml.jackson.dataformat.xml.*;
-+
-+// for [databind-xml#211]
-+public class SupportDTDDefaultsTest extends XmlTestBase
-+{
-+    public void testDTDAttempt() throws Exception
-+    {
-+        XmlMapper mapper = new XmlMapper();
-+        String XML = "<?xml version='1.0' encoding='UTF-8'?><!DOCTYPE foo SYSTEM 'http://127.0.0.1:8001' [ ]>\n"
-+                +"<foo/>";
-+
-+        try {
-+            /*Map<String, String> info =*/ mapper.readValue(XML, Map.class);
-+            //At this point a GET request would have been sent to localhost:8001. You will see a Connection Refused in case you don't have a server listening there.
-+        } catch (Exception e){
-+            fail("Should not try to resolve external DTD subset: "+e);
-+        }
-+    }
-+}
diff --git a/jackson-dataformat-xml.spec b/jackson-dataformat-xml.spec
index e86955e62f4afa3bb043ccbf4cc85af40ee8d0a3..b4051c40cb13f679d2ffe2de0efcd13f38bac554 100644
--- a/jackson-dataformat-xml.spec
+++ b/jackson-dataformat-xml.spec
@@ -1,13 +1,10 @@
 Name:                jackson-dataformat-xml
 Version:             2.9.8
-Release:             2
+Release:             1
 Summary:             Jackson extension component for reading and writing XML encoded data
 License:             ASL 2.0
 URL:                 https://github.com/FasterXML/jackson-dataformat-xml
 Source0:             https://github.com/FasterXML/jackson-dataformat-xml/archive/%{name}-%{version}.tar.gz
-
-Patch0000:           CVE-2016-7051.patch
-
 BuildRequires:       maven-local mvn(com.fasterxml.jackson.core:jackson-annotations) >= %{version}
 BuildRequires:       mvn(com.fasterxml.jackson.core:jackson-core) >= %{version}
 BuildRequires:       mvn(com.fasterxml.jackson.core:jackson-databind) >= %{version}
@@ -32,7 +29,7 @@ Summary:             Javadoc for %{name}
 This package contains API documentation for %{name}.
 
 %prep
-%autosetup -n %{name}-%{name}-%{version} -p1
+%setup -q -n %{name}-%{name}-%{version}
 cp -p src/main/resources/META-INF/LICENSE .
 cp -p src/main/resources/META-INF/NOTICE .
 sed -i 's/\r//' LICENSE NOTICE
@@ -53,8 +50,5 @@ sed -i 's/\r//' LICENSE NOTICE
 %license LICENSE NOTICE
 
 %changelog
-* Mon Dec 7 2020 jialei <jialei17@huawei.com> - 2.9.8-2
-- deal cve-2016-7051
-
 * Sat Aug 15 2020 Ge Wang <wangge20@huawei.com> - 2.9.8-1
 - Package init