diff --git a/CVE-2020-14344.patch b/CVE-2020-14344.patch
deleted file mode 100644
index 5faf2fa..0000000
--- a/CVE-2020-14344.patch
+++ /dev/null
@@ -1,302 +0,0 @@
-From 9d1ac6f7ddbaa6036d999a2eccd7caaf92d0ea36 Mon Sep 17 00:00:00 2001
-Date: Tue, 8 Sep 2020 17:32:53 +0800
-Subject: [PATCH] fix CVE-2020-14344
-
----
- modules/im/ximcp/imDefIc.c  |  6 +++--
- modules/im/ximcp/imDefIm.c  | 25 +++++++++++------
- modules/im/ximcp/imRmAttr.c | 53 +++++++++++++++++++++++--------------
- 3 files changed, 54 insertions(+), 30 deletions(-)
-
-diff --git a/modules/im/ximcp/imDefIc.c b/modules/im/ximcp/imDefIc.c
-index 7564dba..cf4b8fc 100644
---- a/modules/im/ximcp/imDefIc.c
-+++ b/modules/im/ximcp/imDefIc.c
-@@ -350,7 +350,7 @@ _XimProtoGetICValues(
- 	     + sizeof(INT16)
- 	     + XIM_PAD(2 + buf_size);
- 
--    if (!(buf = Xmalloc(buf_size)))
-+    if (!(buf = Xcalloc(buf_size, 1)))
- 	return arg->name;
-     buf_s = (CARD16 *)&buf[XIM_HEADER_SIZE];
- 
-@@ -708,6 +708,7 @@ _XimProtoSetICValues(
- #endif /* XIM_CONNECTABLE */
- 
-     _XimGetCurrentICValues(ic, &ic_values);
-+    memset(tmp_buf, 0, sizeof(tmp_buf32));
-     buf = tmp_buf;
-     buf_size = XIM_HEADER_SIZE
- 	+ sizeof(CARD16) + sizeof(CARD16) + sizeof(INT16) + sizeof(CARD16);
-@@ -730,7 +731,7 @@ _XimProtoSetICValues(
- 
- 	buf_size += ret_len;
- 	if (buf == tmp_buf) {
--	    if (!(tmp = Xmalloc(buf_size + data_len))) {
-+	    if (!(tmp = Xcalloc(buf_size + data_len, 1))) {
- 		return tmp_name;
- 	    }
- 	    memcpy(tmp, buf, buf_size);
-@@ -740,6 +741,7 @@ _XimProtoSetICValues(
- 		Xfree(buf);
- 		return tmp_name;
- 	    }
-+	    memset(&tmp[buf_size], 0, data_len);
- 	    buf = tmp;
- 	}
-     }
-diff --git a/modules/im/ximcp/imDefIm.c b/modules/im/ximcp/imDefIm.c
-index cf922e4..bd43513 100644
---- a/modules/im/ximcp/imDefIm.c
-+++ b/modules/im/ximcp/imDefIm.c
-@@ -62,6 +62,7 @@ PERFORMANCE OF THIS SOFTWARE.
- #include "XimTrInt.h"
- #include "Ximint.h"
- 
-+#include <limits.h>
- 
- int
- _XimCheckDataSize(
-@@ -807,12 +808,16 @@ _XimOpen(
-     int			 buf_size;
-     int			 ret_code;
-     char		*locale_name;
-+    size_t               locale_len;
- 
-     locale_name = im->private.proto.locale_name;
--    len = strlen(locale_name);
--    buf_b[0] = (BYTE)len;			   /* length of locale name */
--    (void)strcpy((char *)&buf_b[1], locale_name);  /* locale name */
--    len += sizeof(BYTE);			   /* sizeof length */
-+    locale_len = strlen(locale_name);
-+    if (locale_len > UCHAR_MAX)
-+      return False;
-+    memset(buf32, 0, sizeof(buf32));
-+    buf_b[0] = (BYTE)locale_len;                   /* length of locale name */
-+    memcpy(&buf_b[1], locale_name, locale_len);	   /* locale name */
-+    len = (INT16)(locale_len + sizeof(BYTE));	   /* sizeof length */
-     XIM_SET_PAD(buf_b, len);			   /* pad */
- 
-     _XimSetHeader((XPointer)buf, XIM_OPEN, 0, &len);
-@@ -1287,6 +1292,7 @@ _XimProtoSetIMValues(
- #endif /* XIM_CONNECTABLE */
- 
-     _XimGetCurrentIMValues(im, &im_values);
-+    memset(tmp_buf, 0, sizeof(tmp_buf32));
-     buf = tmp_buf;
-     buf_size = XIM_HEADER_SIZE + sizeof(CARD16) + sizeof(INT16);
-     data_len = BUFSIZE - buf_size;
-@@ -1307,7 +1313,7 @@ _XimProtoSetIMValues(
- 
- 	buf_size += ret_len;
- 	if (buf == tmp_buf) {
--	    if (!(tmp = Xmalloc(buf_size + data_len))) {
-+	    if (!(tmp = Xcalloc(buf_size + data_len, 1))) {
- 		return arg->name;
- 	    }
- 	    memcpy(tmp, buf, buf_size);
-@@ -1317,6 +1323,7 @@ _XimProtoSetIMValues(
- 		Xfree(buf);
- 		return arg->name;
- 	    }
-+	    memset(&tmp[buf_size], 0, data_len);
- 	    buf = tmp;
- 	}
-     }
-@@ -1458,7 +1465,7 @@ _XimProtoGetIMValues(
- 	     + sizeof(INT16)
- 	     + XIM_PAD(buf_size);
- 
--    if (!(buf = Xmalloc(buf_size)))
-+    if (!(buf = Xcalloc(buf_size, 1)))
- 	return arg->name;
-     buf_s = (CARD16 *)&buf[XIM_HEADER_SIZE];
- 
-@@ -1720,7 +1727,7 @@ _XimEncodingNegotiation(
- 	+ sizeof(CARD16)
- 	+ detail_len;
- 
--    if (!(buf = Xmalloc(XIM_HEADER_SIZE + len)))
-+    if (!(buf = Xcalloc(XIM_HEADER_SIZE + len, 1)))
- 	goto free_detail_ptr;
- 
-     buf_s = (CARD16 *)&buf[XIM_HEADER_SIZE];
-@@ -1816,6 +1823,7 @@ _XimSendSavedIMValues(
-     int			 ret_code;
- 
-     _XimGetCurrentIMValues(im, &im_values);
-+    memset(tmp_buf, 0, sizeof(tmp_buf32));
-     buf = tmp_buf;
-     buf_size = XIM_HEADER_SIZE + sizeof(CARD16) + sizeof(INT16);
-     data_len = BUFSIZE - buf_size;
-@@ -1838,7 +1846,7 @@ _XimSendSavedIMValues(
- 
- 	buf_size += ret_len;
- 	if (buf == tmp_buf) {
--	    if (!(tmp = Xmalloc(buf_size + data_len))) {
-+	    if (!(tmp = Xcalloc(buf_size + data_len, 1))) {
- 		return False;
- 	    }
- 	    memcpy(tmp, buf, buf_size);
-@@ -1848,6 +1856,7 @@ _XimSendSavedIMValues(
- 		Xfree(buf);
- 		return False;
- 	    }
-+	    memset(&tmp[buf_size], 0, data_len);
- 	    buf = tmp;
- 	}
-     }
-diff --git a/modules/im/ximcp/imRmAttr.c b/modules/im/ximcp/imRmAttr.c
-index 9d4e462..cf491ea 100644
---- a/modules/im/ximcp/imRmAttr.c
-+++ b/modules/im/ximcp/imRmAttr.c
-@@ -29,6 +29,7 @@ PERFORMANCE OF THIS SOFTWARE.
- #ifdef HAVE_CONFIG_H
- #include <config.h>
- #endif
-+#include <limits.h>
- #include "Xlibint.h"
- #include "Xlcint.h"
- #include "Ximint.h"
-@@ -214,7 +215,7 @@ _XimAttributeToValue(
-     Xic			  ic,
-     XIMResourceList	  res,
-     CARD16		 *data,
--    INT16		  data_len,
-+    CARD16		  data_len,
-     XPointer		  value,
-     BITMASK32		  mode)
- {
-@@ -250,18 +251,23 @@ _XimAttributeToValue(
- 
-     case XimType_XIMStyles:
- 	{
--	    INT16		 num = data[0];
-+	    CARD16               num = data[0];
- 	    register CARD32	*style_list = (CARD32 *)&data[2];
- 	    XIMStyle		*style;
- 	    XIMStyles		*rep;
- 	    register int	 i;
- 	    char		*p;
--	    int			 alloc_len;
-+	    unsigned int         alloc_len;
- 
- 	    if (!(value))
- 		return False;
--
-+            if (num > (USHRT_MAX / sizeof(XIMStyle)))
-+	        return False;
-+	    if ((2 * sizeof(CARD16) + (num * sizeof(CARD32))) > data_len)
-+	        return False;
- 	    alloc_len = sizeof(XIMStyles) + sizeof(XIMStyle) * num;
-+	    if (alloc_len < sizeof(XIMStyles))
-+	        return False;
- 	    if (!(p = Xmalloc(alloc_len)))
- 		return False;
- 
-@@ -313,7 +319,7 @@ _XimAttributeToValue(
- 
-     case XimType_XFontSet:
- 	{
--	    INT16	 len = data[0];
-+	    CARD16       len = data[0];
- 	    char	*base_name;
- 	    XFontSet	 rep = (XFontSet)NULL;
- 	    char	**missing_list = NULL;
-@@ -324,11 +330,12 @@ _XimAttributeToValue(
- 		return False;
- 	    if (!ic)
- 		return False;
--
-+            if (len > data_len)
-+		return False;
- 	    if (!(base_name = Xmalloc(len + 1)))
- 		return False;
- 
--	    (void)strncpy(base_name, (char *)&data[1], (int)len);
-+	    (void)strncpy(base_name, (char *)&data[1], (size_t)len);
- 	    base_name[len] = '\0';
- 
- 	    if (mode & XIM_PREEDIT_ATTR) {
-@@ -357,19 +364,24 @@ _XimAttributeToValue(
- 
-     case XimType_XIMHotKeyTriggers:
- 	{
--	    INT32			 num = *((CARD32 *)data);
-+	    CARD32                       num = *((CARD32 *)data);
- 	    register CARD32		*key_list = (CARD32 *)&data[2];
- 	    XIMHotKeyTrigger		*key;
- 	    XIMHotKeyTriggers		*rep;
- 	    register int		 i;
- 	    char			*p;
--	    int				 alloc_len;
-+	    unsigned int                 alloc_len;
- 
- 	    if (!(value))
- 		return False;
--
-+            if (num > (UINT_MAX / sizeof(XIMHotKeyTrigger)))
-+                return False;
-+	    if ((2 * sizeof(CARD16) + (num * 3 * sizeof(CARD32))) > data_len)
-+	        return False;
- 	    alloc_len = sizeof(XIMHotKeyTriggers)
- 		      + sizeof(XIMHotKeyTrigger) * num;
-+	    if (alloc_len < sizeof(XIMHotKeyTriggers))
-+	        return False;
- 	    if (!(p = Xmalloc(alloc_len)))
- 		return False;
- 
-@@ -1378,13 +1390,13 @@ _XimEncodeSavedICATTRIBUTE(
- 
- static unsigned int
- _XimCountNumberOfAttr(
--    INT16	 total,
--    CARD16	*attr,
--    int		*names_len)
-+    CARD16          total,
-+    CARD16	   *attr,
-+    unsigned int   *names_len)
- {
-     unsigned int n;
--    INT16	 len;
--    INT16	 min_len = sizeof(CARD16)	/* sizeof attribute ID */
-+    CARD16       len;
-+    CARD16       min_len = sizeof(CARD16)	/* sizeof attribute ID */
- 			 + sizeof(CARD16)	/* sizeof type of value */
- 			 + sizeof(INT16);	/* sizeof length of attribute */
- 
-@@ -1392,6 +1404,9 @@ _XimCountNumberOfAttr(
-     *names_len = 0;
-     while (total > min_len) {
- 	len = attr[2];
-+	if (len >= (total - min_len)) {
-+	    return 0;
-+	}
- 	*names_len += (len + 1);
- 	len += (min_len + XIM_PAD(len + 2));
- 	total -= len;
-@@ -1406,17 +1421,15 @@ _XimGetAttributeID(
-     Xim			  im,
-     CARD16		 *buf)
- {
--    unsigned int	  n;
-+    unsigned int	  n, names_len, values_len;
-     XIMResourceList	  res;
-     char		 *names;
--    int			  names_len;
-     XPointer		  tmp;
-     XIMValuesList	 *values_list;
-     char		**values;
--    int			  values_len;
-     register int	  i;
--    INT16		  len;
--    INT16		  min_len = sizeof(CARD16) /* sizeof attribute ID */
-+    CARD16		  len;
-+    CARD16		  min_len = sizeof(CARD16) /* sizeof attribute ID */
- 				  + sizeof(CARD16) /* sizeof type of value */
- 				  + sizeof(INT16); /* sizeof length of attr */
-     /*
--- 
-2.23.0
-
diff --git a/CVE-2020-14363.patch b/CVE-2020-14363.patch
deleted file mode 100644
index af5d996..0000000
--- a/CVE-2020-14363.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d Mon Sep 17 00:00:00 2001
-From: Matthieu Herrb <matthieu@herrb.eu>
-Date: Thu, 13 Aug 2020 18:02:58 +0200
-Subject: [PATCH] Fix an integer overflow in init_om()
-CVE-2020-14363
-This can lead to a double free later, as reported by Jayden Rivers.
-https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d
-Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
----
- modules/om/generic/omGeneric.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-diff --git a/modules/om/generic/omGeneric.c b/modules/om/generic/omGeneric.c
-index c44acb88..406cec93 100644
---- a/modules/om/generic/omGeneric.c
-+++ b/modules/om/generic/omGeneric.c
-@@ -1908,7 +1908,8 @@ init_om(
-     char **required_list;
-     XOrientation *orientation;
-     char **value, buf[BUFSIZ], *bufptr;
--    int count = 0, num = 0, length = 0;
-+    int count = 0, num = 0;
-+    unsigned int length = 0;
- 
-     _XlcGetResource(lcd, "XLC_FONTSET", "on_demand_loading", &value, &count);
-     if (count > 0 && _XlcCompareISOLatin1(*value, "True") == 0)
--- 
-GitLab
-
diff --git a/libX11-1.6.9.tar.bz2 b/libX11-1.6.9.tar.bz2
deleted file mode 100644
index 63d0166..0000000
Binary files a/libX11-1.6.9.tar.bz2 and /dev/null differ
diff --git a/libX11-1.7.0.tar.bz2 b/libX11-1.7.0.tar.bz2
new file mode 100644
index 0000000..6b1f612
Binary files /dev/null and b/libX11-1.7.0.tar.bz2 differ
diff --git a/libX11.spec b/libX11.spec
index d127ad2..51d5cb3 100644
--- a/libX11.spec
+++ b/libX11.spec
@@ -1,14 +1,12 @@
 Name:		libX11
-Version:	1.6.9
-Release:	4
+Version:	1.7.0
+Release:	1
 Summary:	Core X11 protocol client library
 License:	MIT
 URL:		http://www.x.org
 Source0:	https://xorg.freedesktop.org/archive/individual/lib/%{name}-%{version}.tar.bz2
 
 Patch1:         dont-forward-keycode-0.patch
-Patch2:         CVE-2020-14344.patch
-Patch3:         CVE-2020-14363.patch
 
 BuildRequires:	xorg-x11-util-macros >= 1.11 xorg-x11-proto-devel perl-Pod-Usage libXau-devel
 BuildRequires:  libxcb-devel >= 1.2 libXdmcp-devel xorg-x11-xtrans-devel >= 1.0.3-4
@@ -75,6 +73,12 @@ make %{?_smp_mflags} check
 %{_mandir}/*/*
 
 %changelog
+* Thu Jan 28 2021 hanhui <hanhui15@huawei.com> - 1.7.0-1
+- Type: enhancement
+- ID:   NA
+- SUG:  NA
+- DESC: update to 1.7.0
+
 * Fri Sep 30 2020 chengguipeng<chenguipeng1@huawei.com> - 1.6.9-4
 - Type:bugfix
 - Id:NA