diff --git a/buffer_overflow.patch b/buffer_overflow.patch
new file mode 100644
index 0000000000000000000000000000000000000000..2ee3fff0db543ff3d53a5e98dad5817030dbe59e
--- /dev/null
+++ b/buffer_overflow.patch
@@ -0,0 +1,12 @@
+diff -urp zip30/fileio.c zip30/fileio.c
+--- zip30/fileio.c 2008-05-29 03:13:24.000000000 +0300
++++ zip30/fileio.c 2023-05-02 12:19:50.488314853 +0300
+@@ -3502,7 +3502,7 @@ zwchar *local_to_wide_string(local_strin
+ if ((wc_string = (wchar_t *)malloc((wsize + 1) * sizeof(wchar_t))) == NULL) {
+ ZIPERR(ZE_MEM, "local_to_wide_string");
+ }
+- wsize = mbstowcs(wc_string, local_string, strlen(local_string) + 1);
++ wsize = mbstowcs(wc_string, local_string, wsize + 1);
+ wc_string[wsize] = (wchar_t) 0;
+
+ /* in case wchar_t is not zwchar */
diff --git a/sast.patch b/sast.patch
new file mode 100644
index 0000000000000000000000000000000000000000..1afd7b7203714c5a2aeda1d8f8f0df8468274548
--- /dev/null
+++ b/sast.patch
@@ -0,0 +1,11 @@
+--- ./util.c.old 2025-01-28 14:32:33.064491685 +0100
++++ ./util.c 2025-01-28 14:34:51.331444527 +0100
+@@ -862,7 +862,7 @@
+
+ /* remove escape characters */
+ while ((argstart = MBSCHR(argstart, '\\')) != NULL) {
+- strcpy(argstart, argstart + 1);
++ memmove(argstart, argstart +1, strlen(argstart)+1);
+ if (*argstart)
+ ++argstart;
+ }
diff --git a/zip.spec b/zip.spec
index 1f4a056630f179396a4042183cfb58ba25bc9a14..93feecbc2ae2d0150d75f86ebffd34c0f038fc83 100644
--- a/zip.spec
+++ b/zip.spec
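Review bot: In the buffer_overflow.patch hunk, the result of the now-bounded `mbstowcs()` call is still used as an index on the very next line (`wc_string[wsize] = (wchar_t) 0;`) without testing for the error return `(size_t)-1`. If the conversion can fail at this point, that store lands outside the allocation, so limiting the count alone does not make the terminator write safe. A guard such as `if (wsize == (size_t)-1) { free(wc_string); return NULL; }` before the store would close it. The declaration of `wsize` and the earlier sizing call are outside the hunk, so confirm the variable's type and the function's failure convention there.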
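Review bot: In the sast.patch hunk, the new `memmove(argstart, argstart +1, strlen(argstart)+1)` copies one byte too many. The source starts at `argstart + 1`, so the remaining text plus its terminator is exactly `strlen(argstart)` bytes, and the extra byte is read from just past the string's NUL. When the string ends at the end of its buffer, that is a one-byte out-of-bounds read. Replacing the overlapping `strcpy` is the right move; the length should be `memmove(argstart, argstart + 1, strlen(argstart));`. The function enclosing this loop starts and ends outside the hunk.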
@@ -1,13 +1,17 @@
-%define anolis_release 24
+%define anolis_release 25
 Name: zip
-Version: 3.0
+Version: 3.0
 Release: %{anolis_release}%{?dist}
 License: BSD
 URL: http://www.info-zip.org/Zip.html
 Source: http://downloads.sourceforge.net/infozip/%{name}30.tar.gz#/%{name}-%{version}.tar.gz
+Source: http://downloads.sourceforge.net/infozip/zip30.tar.gz
 Summary: A file compression and packaging utility compatible with PKZIP
 Patch1: 0001-zip-3.0-format-security.patch
+Patch2: buffer_overflow.patch
+Patch3: zipnote.patch
+Patch4: sast.patch
 BuildRequires: make
 BuildRequires: bzip2-devel, gcc
@@ -67,6 +71,10 @@ mkdir -p $RPM_BULD_ROOT%{_mandir}/man1
 %doc README CHANGES TODO WHATSNEW WHERE README.CR
 %changelog
+* Thu Aug 21 2025 wenyuzifang - 3.0-25
+- Fix buffer overflow risk and ensure safe wide character conversion
+- Apply correct resource management and prevent file leaks
+- Fix unsafe string handling for safe escape character processing
 * Thu Dec 22 2022 Funda Wang - 3.0-24
 - Bump release for upgrading from anolis 8
diff --git a/zip30.tar.gz b/zip30.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..57f60be499bef90ccf84fe47d522d32504609e9b
Binary files /dev/null and b/zip30.tar.gz differ
diff --git a/zipnote.patch b/zipnote.patch
new file mode 100644
index 0000000000000000000000000000000000000000..4177a7df81fe418863f650627f53cce0c87c142e
--- /dev/null
+++ b/zipnote.patch
@@ -0,0 +1,13 @@
+diff --git a/zipnote.c b/zipnote.c
+index 5e02cb6..996f012 100644
+--- a/zipnote.c
++++ b/zipnote.c
+@@ -661,7 +661,7 @@ char **argv; /* command line tokens */
+ if ((r = zipcopy(z)) != ZE_OK)
+ ziperr(r, "was copying an entry");
+ }
+- fclose(x);
++ fclose(in_file);
+
+ /* Write central directory and end of central directory with new comments */
+ if ((c = zftello(y)) == (zoff_t)-1) /* get start of central */
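Review bot: `Patch2`, `Patch3` and `Patch4` are declared in the first zip.spec hunk, but the commit does not touch `%prep`, so whether they are actually applied depends on lines outside the diff. If `%prep` lists patches explicitly (a `%patch1` line rather than `%autosetup` or `%autopatch`), the three fixes would ship in the source package without changing the built binary. Confirm this and add the matching `%patch` lines if needed. The added `Source:` line also sits beside the existing unnumbered `Source:` for what appears to be the same tarball; numbering the two or dropping one would remove the ambiguity about which archive is built.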
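Review bot: In the zipnote.patch hunk, `in_file` keeps its old value after `fclose(in_file);`. It is not declared in the hunk, so it probably has wider scope than this block. If any later path (for example, error cleanup reached through `ziperr`) closes or reads `in_file` again, that would be a use of a closed stream; adding `in_file = NULL;` directly after the close rules this out. The surrounding function begins and ends outside the hunk, so check there whether `x` is still referenced elsewhere.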