diff --git a/backport-CVE-2025-64512.patch b/backport-CVE-2025-64512.patch
new file mode 100644
index 0000000000000000000000000000000000000000..766d97159e1b6b1625b8b5e6bf9a0bf8bf864d89
--- /dev/null
+++ b/backport-CVE-2025-64512.patch
@@ -0,0 +1,33 @@
+From b808ee05dd7f0c8ea8ec34bdf394d40e63501086 Mon Sep 17 00:00:00 2001
+From: Scott Tolley
+Date: Fri, 7 Nov 2025 20:47:46 +0100
+Subject: [PATCH] Fix: arbitary code execution when loading pickle font files
+
+Fixes https://github.com/pdfminer/pdfminer.six/security/advisories/GHSA-wf5f-4jwr-ppcp
+
+Fixes https://github.com/pdfminer/pdfminer.six/security/advisories/GHSA-f83h-ghpp-7wcc
+---
+ pdfminer/cmapdb.py | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/pdfminer/cmapdb.py b/pdfminer/cmapdb.py
+index 87d9870e..b3c7f2b0 100644
+--- a/pdfminer/cmapdb.py
++++ b/pdfminer/cmapdb.py
+@@ -240,8 +240,14 @@ def _load_data(cls, name: str) -> Any:
+ )
+ for directory in cmap_paths:
+ path = os.path.join(directory, filename)
+- if os.path.exists(path):
+- gzfile = gzip.open(path)
++ # Resolve paths to prevent directory traversal
++ resolved_path = os.path.realpath(path)
++ resolved_directory = os.path.realpath(directory)
++ # Check if resolved path is within the intended directory
++ if not resolved_path.startswith(resolved_directory + os.sep):
++ continue
++ if os.path.exists(resolved_path):
++ gzfile = gzip.open(resolved_path)
+ try:
+ return type(str(name), (), pickle.loads(gzfile.read()))
+ finally:
diff --git a/python-pdfminer.six.spec b/python-pdfminer.six.spec
index a282418310800bc17e6a8ad94e89f096d4c648de..1a6767cb1e88968ea121a11def035661d5ba1be0 100644
--- a/python-pdfminer.six.spec
+++ b/python-pdfminer.six.spec
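Review bot: The containment test `if not resolved_path.startswith(resolved_directory + os.sep):` in the nested cmapdb.py hunk is a plain string-prefix check, so it depends on `resolved_directory` never ending in a separator (a directory that resolves to a filesystem root yields a doubled separator and every entry is skipped) and it gives no signal when a candidate is rejected. `os.path.commonpath([resolved_directory, resolved_path]) == resolved_directory` states the intent directly and tolerates trailing separators; since realpath returns absolute paths, the only extra case to handle is the `ValueError` commonpath raises for paths on different drives, which should be treated as "outside" as well. The new side still ends in `pickle.loads(gzfile.read())`, so the guard narrows which files may be deserialized but does not change the trust placed in their contents; a comment such as `# The realpath check above keeps the caller-supplied name inside cmap_paths; the pickled data itself is assumed to be trusted package data` would record that assumption next to the call. `_load_data` both starts and ends outside the hunk, so the origin of `name` and the cleanup in `finally:` are not visible here.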
@@ -1,11 +1,12 @@
 %global _empty_manifest_terminate_build 0
 Name: python-pdfminer.six
 Version: 20231228
-Release: 2
+Release: 3
 Summary: PDF parser and analyzer.
 License: MIT
 URL: https://github.com/pdfminer/pdfminer.six
 Source0: https://files.pythonhosted.org/packages/31/b1/a43e3bd872ded4deea4f8efc7aff1703fca8c5455d0c06e20506a06a44ff/pdfminer.six-20231228.tar.gz
+Patch6000: backport-CVE-2025-64512.patch
 BuildArch: noarch
 %description
 PDF parser and analyzer.
@@ -30,7 +31,7 @@ Provides: python3-pdfminer.six-doc
 Development documents and examples for pdfminer.six.
 %prep
-%autosetup -n pdfminer.six-%{version}
+%autosetup -n pdfminer.six-%{version} -p1
 %build
 %py3_build
@@ -72,6 +73,9 @@ mv %{buildroot}/doclist.lst .
 %{_docdir}/*
 %changelog
+* Tue Nov 11 2025 yujingbo - 20231228-3
+- Fix CVE-2025-64512
+
 * Tue Feb 18 2025 Bijie Wu - 20231228-2
 - BuildRequires python-setuptools-git-versioning