diff --git a/0001-fix-CVE-2024-37535.patch b/0001-fix-CVE-2024-37535.patch new file mode 100644 index 0000000..9c861c0 --- /dev/null +++ b/0001-fix-CVE-2024-37535.patch 
@@ -0,0 +1,125 @@ +From b6a976254b95f728ba17b369b387c19b26890141 Mon Sep 17 00:00:00 2001 +From: Christian Persch +Date: Tue, 11 Jun 2024 02:59:02 +0000 +Subject: [PATCH] fix CVE-2024-37535 + +--- + src/vtegtk.cc | 35 +++++++++++++++++++++++++++++++++++ + src/vteseq.cc | 20 ++++++++++++-------- + 2 files changed, 47 insertions(+), 8 deletions(-) + +diff --git a/src/vtegtk.cc b/src/vtegtk.cc +index 0457b2b..2f7c77b 100644 +--- a/src/vtegtk.cc ++++ b/src/vtegtk.cc +@@ -91,6 +91,38 @@ + template + constexpr bool check_enum_value(T value) noexcept; + ++static inline void ++sanitise_widget_size_request(int* minimum, ++ int* natural) noexcept ++{ ++ // Overly large size requests will make gtk happily allocate ++ // a window size over the window system's limits (see ++ // e.g. https://gitlab.gnome.org/GNOME/vte/-/issues/2786), ++ // leading to aborting the whole process. ++ // The toolkit should be in a better position to know about ++ // these limits and not exceed them (which here is certainly ++ // possible since our minimum sizes are very small), let's ++ // limit the widget's size request to some large value ++ // that hopefully is within the absolute limits of ++ // the window system (assumed here to be int16 range, ++ // and leaving some space for the widgets that contain ++ // the terminal). 
++ auto const limit = (1 << 15) - (1 << 12); ++ ++ if (*minimum > limit || *natural > limit) { ++ static auto warned = false; ++ ++ if (!warned) { ++ g_warning("Widget size request (minimum %d, natural %d) exceeds limits\n", ++ *minimum, *natural); ++ warned = true; ++ } ++ } ++ ++ *minimum = std::min(*minimum, limit); ++ *natural = std::clamp(*natural, *minimum, limit); ++} ++ + struct _VteTerminalClassPrivate { + GtkStyleProvider *style_provider; + }; +@@ -485,6 +517,7 @@ try + { + VteTerminal *terminal = VTE_TERMINAL(widget); + WIDGET(terminal)->get_preferred_width(minimum_width, natural_width); ++ sanitise_widget_size_request(minimum_width, natural_width); + } + catch (...) + { +@@ -499,6 +532,7 @@ try + { + VteTerminal *terminal = VTE_TERMINAL(widget); + WIDGET(terminal)->get_preferred_height(minimum_height, natural_height); ++ sanitise_widget_size_request(minimum_height, natural_height); + } + catch (...) + { +@@ -736,6 +770,7 @@ try + WIDGET(terminal)->measure(orientation, for_size, + minimum, natural, + minimum_baseline, natural_baseline); ++ sanitise_widget_size_request(minimum, natural); + } + catch (...) + { +diff --git a/src/vteseq.cc b/src/vteseq.cc +index 8a7f5b3..7c0e227 100644 +--- a/src/vteseq.cc ++++ b/src/vteseq.cc +@@ -214,9 +214,18 @@ Terminal::emit_bell() + /* Emit a "resize-window" signal. (Grid size.) 
*/ + void + Terminal::emit_resize_window(guint columns, +- guint rows) +-{ +- _vte_debug_print(VTE_DEBUG_SIGNALS, "Emitting `resize-window'.\n"); ++ guint rows) ++{ ++ // Ignore resizes with excessive number of rows or columns, ++ // see https://gitlab.gnome.org/GNOME/vte/-/issues/2786 ++ if (columns < VTE_MIN_GRID_WIDTH || ++ columns > 511 || ++ rows < VTE_MIN_GRID_HEIGHT || ++ rows > 511) ++ return; ++ ++ _vte_debug_print(VTE_DEBUG_SIGNALS, "Emitting `resize-window' %d columns %d rows.\n", ++ columns, rows); + g_signal_emit(m_terminal, signals[SIGNAL_RESIZE_WINDOW], 0, columns, rows); + } + +@@ -4581,8 +4590,6 @@ Terminal::DECSLPP(vte::parser::Sequence const& seq) + else if (param < 24) + return; + +- _vte_debug_print(VTE_DEBUG_EMULATION, "Resizing to %d rows.\n", param); +- + emit_resize_window(m_column_count, param); + } + +@@ -9044,9 +9051,6 @@ Terminal::XTERM_WM(vte::parser::Sequence const& seq) + seq.collect(1, {&height, &width}); + + if (width != -1 && height != -1) { +- _vte_debug_print(VTE_DEBUG_EMULATION, +- "Resizing window to %d columns, %d rows.\n", +- width, height); + emit_resize_window(width, height); + } + break; +-- +2.43.0 + diff --git a/vte291.spec b/vte291.spec index ddcec50..238d5ca 100644 --- a/vte291.spec +++ b/vte291.spec @@ -12,12 +12,13 @@ Name: vte291 Version: 0.72.2 -Release: 1 +Release: 2 Summary: Virtual terminal widget License: GPL-3.0-or-later AND LGPL-3.0-or-later and MIT-open-group AND CC-BY-4.0 URL: https://wiki.gnome.org/Apps/Terminal/VTE Source0: https://download.gnome.org/sources/vte/0.72/vte-%{version}.tar.xz Patch0: vte291-cntnr-precmd-preexec-scroll.patch +Patch1: 0001-fix-CVE-2024-37535.patch BuildRequires: gcc-c++ gettext gi-docgen gobject-introspection-devel gperf meson systemd vala BuildRequires: pkgconfig(fribidi) >= %{fribidi_version} 
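Review bot: In `Terminal::emit_resize_window` (src/vteseq.cc) the new range guard returns silently, and since the same patch removes the debug prints from `DECSLPP` and `XTERM_WM`, a resize request that is rejected leaves no trace even with debugging enabled. A line such as `_vte_debug_print(VTE_DEBUG_SIGNALS, "Ignoring `resize-window' to %u columns %u rows.\n", columns, rows);` before the `return` would keep oversized requests from the terminal stream visible when investigating. The added print passes `guint` values to `%d`, where `%u` matches the type. The bound `511` is written twice as a bare literal; a named constant beside `VTE_MIN_GRID_WIDTH`, with a comment tying it to the window-size limit that `sanitise_widget_size_request` documents (presumably the same int16 assumption), would make the two limits easier to keep consistent. The callers pass signed `int` values into the `guint` parameters, so negative inputs other than -1 are rejected only because they wrap above 511, which deserves a one-line comment at the guard.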
@@ -113,6 +114,9 @@ sed -i -e "/^vte_systemduserunitdir =/s|vte_prefix|'/usr'|" meson.build %doc %{_datadir}/doc/vte-2.91-gtk4/ %changelog +* Tue Jun 11 2024 kywqs - 0.72.2-2 +- fix CVE-2024-37535 + * Mon Nov 20 2023 lwg - 0.72.2-1 - update to version 0.72.2