diff --git a/CVE-2019-12439.patch b/CVE-2019-12439.patch
deleted file mode 100644
index 439bc28..0000000
--- a/CVE-2019-12439.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-diff -Nurp bubblewrap-0.3.1/bubblewrap.c bubblewrap-0.3.1-old/bubblewrap.c
---- bubblewrap-0.3.1/bubblewrap.c 2018-09-26 08:55:17.000000000 -0400
-+++ bubblewrap-0.3.1-old/bubblewrap.c 2019-06-13 03:26:14.489000000 -0400
-@@ -1977,7 +1977,7 @@ main (int argc,
- char **argv)
- {
- mode_t old_umask;
-- cleanup_free char *base_path = NULL;
-+ const char *base_path = NULL;
- int clone_flags;
- char *old_cwd = NULL;
- pid_t pid;
-@@ -2117,15 +2117,12 @@ main (int argc,
- die_with_error ("Can't open /proc");
-
- /* We need *some* mountpoint where we can mount the root tmpfs.
-- We first try in /run, and if that fails, try in /tmp. */
-- base_path = xasprintf ("/run/user/%d/.bubblewrap", real_uid);
-- if (ensure_dir (base_path, 0755))
-- {
-- free (base_path);
-- base_path = xasprintf ("/tmp/.bubblewrap-%d", real_uid);
-- if (ensure_dir (base_path, 0755))
-- die_with_error ("Creating root mountpoint failed");
-- }
-+ * Because we use pivot_root, it won't appear to be mounted from
-+ * * the perspective of the sandboxed process, so we can use anywhere
-+ * * that is sure to exist, that is sure to not be a symlink controlled
-+ * * by someone malicious, and that we won't immediately need to
-+ * * access ourselves. */
-+ base_path = "/tmp";
-
- __debug__ (("creating new namespace\n"));
-
-@@ -2315,7 +2312,8 @@ main (int argc,
- /* We create a subdir "$base_path/newroot" for the new root, that
- * way we can pivot_root to base_path, and put the old root at
- * "$base_path/oldroot". This avoids problems accessing the oldroot
-- * dir if the user requested to bind mount something over / */
-+ * dir if the user requested to bind mount something over / (or
-+ * over /tmp, now that we use that for base_path). */
-
- if (mkdir ("newroot", 0755))
- die_with_error ("Creating newroot failed");
diff --git a/bubblewrap-0.3.1.tar.xz b/bubblewrap-0.3.1.tar.xz
deleted file mode 100644
index 4bb8d6f..0000000
Binary files a/bubblewrap-0.3.1.tar.xz and /dev/null differ
diff --git a/bubblewrap-0.3.3.tar.xz b/bubblewrap-0.3.3.tar.xz
new file mode 100644
index 0000000..38a3736
Binary files /dev/null and b/bubblewrap-0.3.3.tar.xz differ
diff --git a/bubblewrap.spec b/bubblewrap.spec
index 097237e..22af20a 100644
--- a/bubblewrap.spec
+++ b/bubblewrap.spec
@@ -1,28 +1,22 @@
-Name: bubblewrap
-Version: 0.3.1
-Release: 1.h1%{?dist}
-Summary: Core execution tool for unprivileged containers
+Name: bubblewrap
+Version: 0.3.3
+Release: 1
+Summary: Core execution tool for unprivileged containers
+License: LGPLv2+
+URL: https://github.com/projectatomic/bubblewrap
+Source0: https://github.com/containers/bubblewrap/archive/bubblewrap-%{version}.tar.xz
-License: LGPLv2+
-#VCS: git:https://github.com/projectatomic/bubblewrap
-URL: https://github.com/projectatomic/bubblewrap
-Source0: https://github.com/projectatomic/bubblewrap/releases/download/v%{version}/bubblewrap-%{version}.tar.xz
-Patch6000:CVE-2019-12439.patch
-
-BuildRequires: autoconf automake libtool
-BuildRequires: gcc
-BuildRequires: libcap-devel
-BuildRequires: pkgconfig(libselinux)
-BuildRequires: libxslt
-BuildRequires: docbook-style-xsl
+BuildRequires: autoconf automake libtool gcc libcap-devel
+BuildRequires: pkgconfig(libselinux) libxslt docbook-style-xsl
 %description
-Bubblewrap (/usr/bin/bwrap) is a core execution engine for unprivileged
-containers that works as a setuid binary on kernels without
-user namespaces.
+There is an effort in the Linux kernel called user namespaces which
+attempts to allow unprivileged users to use container features.
+
+%package_help
 %prep
-%autosetup
+%autosetup -n %{name}-%{version} -p1
 %build
 if ! test -x configure; then NOCONFIGURE=1 ./autogen.sh; fi
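Review bot: The new `Source0` points at GitHub's on-the-fly archive endpoint (`/archive/bubblewrap-%{version}.tar.xz`) instead of the published release asset the old line fetched from `releases/download/v%{version}/`; as far as I know the archive endpoint only serves .tar.gz/.zip, so this URL probably does not resolve, and even if it did, an auto-generated archive cannot be compared against the tarball upstream actually released, which leaves the committed bubblewrap-0.3.3.tar.xz without checkable provenance. I would keep the release-asset form, `Source0: https://github.com/containers/bubblewrap/releases/download/v%{version}/bubblewrap-%{version}.tar.xz`, so the source can be re-fetched and verified. `URL:` still names the projectatomic org while `Source0` uses containers; pick one. Dropping `Patch6000` along with the deleted CVE-2019-12439.patch is consistent with moving to 0.3.3, presumably because that release carries the upstream fix, but with no patches left the `-p1` on `%autosetup` is now unused.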
@@ -30,88 +24,20 @@ if ! test -x configure; then NOCONFIGURE=1 ./autogen.sh; fi
 %make_build
 %install
-%make_install INSTALL="install -p -c"
-find %{buildroot} -name '*.la' -delete -print
+%make_install
+%delete_la
 %files
+%defattr(-,root,root)
 %license COPYING
-%dir %{_datadir}/bash-completion
-%dir %{_datadir}/bash-completion/completions
-%{_datadir}/bash-completion/completions/bwrap
-%if (0%{?rhel} != 0 && 0%{?rhel} <= 7)
-%attr(0755,root,root) %caps(cap_sys_admin,cap_net_admin,cap_sys_chroot,cap_setuid,cap_setgid=ep) %{_bindir}/bwrap
-%else
 %{_bindir}/bwrap
-%endif
+%{_datadir}/bash-completion/completions/bwrap
+
+%files help
+%defattr(-,root,root)
+%doc README.md
 %{_mandir}/man1/*
 %changelog
-* Thu Jun 13 2019 yuejiayan - 0.3.1-1.h1
-- Type:cves
-- ID:CVE-2019-12439
-- SUG:NA
-- DESC:fix CVE-2019-12439
-* Mon Oct 01 2018 Kalev Lember - 0.3.1-1
-- Update to 0.3.1
-
-* Thu Jul 12 2018 Fedora Release Engineering - 0.3.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Wed Jul 11 2018 Colin Walters - 0.3.0-1
-- https://github.com/projectatomic/bubblewrap/releases/tag/v0.3.0
-
-* Wed May 16 2018 Kalev Lember - 0.2.1-1
-- Update to 0.2.1
-
-* Wed Feb 07 2018 Fedora Release Engineering - 0.2.0-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
-
-* Mon Oct 09 2017 Colin Walters - 0.2.0-2
-- New upstream version
-- https://github.com/projectatomic/bubblewrap/releases/tag/v0.2.0
-
-* Wed Aug 02 2017 Fedora Release Engineering - 0.1.8-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
-
-* Wed Jul 26 2017 Fedora Release Engineering - 0.1.8-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
-
-* Tue Mar 28 2017 Colin Walters - 0.1.8-1
-- New upstream version
- https://github.com/projectatomic/bubblewrap/releases/tag/v0.1.8
-
-* Fri Feb 10 2017 Fedora Release Engineering - 0.1.7-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
-
-* Wed Jan 18 2017 Colin Walters - 0.1.7-1
-- New upstream version;
- https://github.com/projectatomic/bubblewrap/releases/tag/v0.1.7
-- Resolves: #1411814
-
-* Tue Jan 10 2017 Colin Walters - 0.1.6-1
-- New upstream version with security fix
-- Resolves: #1411814
-
-* Mon Dec 19 2016 Kalev Lember - 0.1.5-1
-- Update to 0.1.5
-
-* Tue Dec 06 2016 walters@redhat.com - 0.1.4-4
-- Backport fix for regression in previous commit for rpm-ostree
-
-* Thu Dec 01 2016 walters@redhat.com - 0.1.4-3
-- Backport patch to fix running via nspawn, which should fix rpm-ostree-in-bodhi
-
-* Tue Nov 29 2016 Kalev Lember - 0.1.4-1
-- Update to 0.1.4
-
-* Fri Oct 14 2016 Colin Walters - 0.1.3-2
-- New upstream version
-
-* Mon Sep 12 2016 Kalev Lember - 0.1.2-1
-- Update to 0.1.2
-
-* Tue Jul 12 2016 Igor Gnatenko - 0.1.1-2
-- Trivial fixes in packaging
-
-* Fri Jul 08 2016 Colin Walters - 0.1.1
-- Initial package
+* Mon Oct 21 2019 openEuler Buildteam - 0.3.3-1
+- Package init
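Review bot: The new `%changelog` entry says only `Package init`, while the entry it replaces recorded that the previous build carried a backport for CVE-2019-12439 and this commit drops that patch; nothing left in the spec states whether 0.3.3 still addresses it. I would make the entry say so, e.g. `- Update to 0.3.3, which supersedes the dropped CVE-2019-12439 backport`, so anyone auditing the package history from the changelog can see the fix was not silently lost rather than having to diff the upstream releases. Removing the `%if (0%{?rhel} ...)` branch also drops the `%caps(...)` file-capabilities install path for bwrap; that is appropriate only where unprivileged user namespaces are available, which is presumably the case for the target here, so a one-line comment above `%{_bindir}/bwrap` noting that bwrap is installed without capabilities would make the intent explicit.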