diff --git a/CVE-2015-3420.patch b/CVE-2015-3420.patch
new file mode 100644
index 0000000000000000000000000000000000000000..3f02202f85f0a4fdb3e964cef413f81d691c56f9
--- /dev/null
+++ b/CVE-2015-3420.patch
@@ -0,0 +1,11 @@
+diff -r 27ee6a472555 src/lib/strnum.h
+--- a/src/lib/strnum.h Tue Dec 08 15:47:28 2015 +0200
++++ b/src/lib/strnum.h Wed Dec 09 10:54:49 2015 +0200
+@@ -169,6 +169,7 @@
+ int str_parse_uoff(const char *str, uoff_t *num_r,
+ const char **endp_r) ATTR_WARN_UNUSED_RESULT ATTR_NULL(3);
+
++#define str_to_time str_to_time_no_collision
+ int str_to_time(const char *str, time_t *num_r)
+ ATTR_WARN_UNUSED_RESULT;
+
diff --git a/CVE-2016-8652.patch b/CVE-2016-8652.patch
new file mode 100644
index 0000000000000000000000000000000000000000..c1465db9d41cf9dbf4981eb82e87b88756156185
--- /dev/null
+++ b/CVE-2016-8652.patch
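Review bot: The only change carried by CVE-2015-3420.patch is `#define str_to_time str_to_time_no_collision` in src/lib/strnum.h, which renames a symbol through the preprocessor and touches no input-handling code, so nothing visible in this hunk shows that it remediates the CVE it is named after. Shipping it under that name means the spec changelog records the CVE as fixed on the strength of a rename, which can mislead later vulnerability tracking. The spec builds Version 2.3.3, so it is worth confirming against the upstream advisory whether that tree is still affected at all. If the macro is kept, it should carry a comment in the header such as `/* rename to avoid a link-time clash with another str_to_time(); not a security fix */`, presumably matching the intent behind the `_no_collision` suffix. Because the define sits in a shared header, every translation unit that includes strnum.h sees the renamed identifier, which is another reason to document it where it is defined.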
@@ -0,0 +1,27 @@
+From 1f2c35da2b96905bec6e45f88af0f33ee63789e6 Mon Sep 17 00:00:00 2001
+From: Aki Tuomi
+Date: Wed, 23 Nov 2016 13:16:19 +0200
+Subject: [PATCH] auth: Fix auth-policy crash when username is NULL
+
+If SASL request is invalid, or incomplete, and username
+is left NULL, handle it gracefully by adding just
+NUL byte in auth policy digest for username.
+---
+ src/auth/auth-policy.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff -Nur dovecot-2.3.3_old/src/auth/auth-policy.c dovecot-2.3.3/src/auth/auth-policy.c
+--- dovecot-2.3.3_old/src/auth/auth-policy.c 2020-03-16 17:38:38.308283675 +0800
++++ dovecot-2.3.3/src/auth/auth-policy.c 2020-03-16 17:42:41.873103352 +0800
+@@ -466,7 +466,10 @@
+ else
+ requested_username = "";
+ /* use +1 to make sure \0 gets included */
+- digest->loop(ctx, requested_username, strlen(requested_username)+1);
++ if (context->request->user == NULL)
++ digest->loop(ctx, "\0", 1);
++ else
++ digest->loop(ctx, context->request->user, strlen(context->request->user) + 1);
+ if (password != NULL)
+ digest->loop(ctx, password, strlen(password));
+ ptr = buffer_get_modifiable_data(buffer, NULL);
diff --git a/dovecot.spec b/dovecot.spec
index 5529cdf25e258668320274fa2153d973556d27cb..2720448b1e79970949f1f9d63cc95b00101c227c 100644
--- a/dovecot.spec
+++ b/dovecot.spec
@@ -6,7 +6,7 @@ Name: dovecot Version: 2.3.3 -Release: 4 +Release: 5 Summary: Dovecot Secure imap server License: MIT and LGPLv2 URL: http://www.dovecot.org/
@@ -28,6 +28,8 @@ Patch6005: CVE-2019-10691.patch Patch6006: CVE-2019-11494-1.patch Patch6007: CVE-2019-11494-2.patch Patch6008: CVE-2019-11499.patch +Patch6009: CVE-2015-3420.patch +Patch6010: CVE-2016-8652.patch BuildRequires: gcc-c++ openssl-devel pam-devel zlib-devel bzip2-devel libcap-devel BuildRequires: libtool autoconf automake pkgconfig sqlite-devel libpq-devel
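Review bot: In the CVE-2016-8652.patch hunk for src/auth/auth-policy.c, the new `digest->loop(...)` calls hash `context->request->user` and ignore `requested_username`, even though the context lines directly above already set `requested_username = "";` in the else branch. The removed line hashed `requested_username`, so the NULL case looks already handled in this tree, and the change instead alters which identity is fed into the policy digest. If that fallback is indeed present in 2.3.3, the hunk should be dropped, or reduced so the call stays `digest->loop(ctx, requested_username, strlen(requested_username)+1);`. The `/* use +1 to make sure \0 gets included */` comment would then also describe the code beneath it again. The enclosing function starts and ends outside the hunk, so how `requested_username` is derived is not visible here and should be confirmed against the full file.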
@@ -278,5 +280,11 @@ make check %changelog +* Sun Mar 16 2020 gulining - 2.3.3-5 +- Type:cves +- ID:CVE-2015-3420 CVE-2016-8652 +- SUG:restart +- DESC:fix CVE-2015-3420 CVE-2016-8652 + * Mon Dec 2 2019 wangzhishun - 2.3.3-4 - Package init