diff --git a/CVE-2023-22797.patch b/CVE-2023-22797.patch
new file mode 100644
index 0000000000000000000000000000000000000000..d08ebccf3522017e985134751ba03dfde5362fbf
--- /dev/null
+++ b/CVE-2023-22797.patch
@@ -0,0 +1,104 @@
+From e50e26d7a9f4a1e4fb5ef2538c30b2b5cc81bd92 Mon Sep 17 00:00:00 2001
+From: wonda-tea-coffee
+Date: Mon, 5 Dec 2022 12:27:15 +0000
+Subject: [PATCH] Fix sec issue with _url_host_allowed?
+
+Disallow certain strings from `_url_host_allowed?` to avoid a redirect
+to malicious sites.
+
+[CVE-2023-22797]
+---
+ .../action_controller/metal/redirecting.rb | 6 ++-
+ actionpack/test/controller/redirect_test.rb | 38 +++++++++++++++++++
+ 2 files changed, 43 insertions(+), 1 deletion(-)
+
+diff --git a/actionpack/lib/action_controller/metal/redirecting.rb b/actionpack/lib/action_controller/metal/redirecting.rb
+index 721d5d3279..0ae6a48748 100644
+--- a/actionpack/lib/action_controller/metal/redirecting.rb
++++ b/actionpack/lib/action_controller/metal/redirecting.rb
+@@ -196,7 +196,11 @@ def _enforce_open_redirect_protection(location, allow_other_host:)
+ 
+ def _url_host_allowed?(url)
+ host = URI(url.to_s).host
+- host == request.host || host.nil? && url.to_s.start_with?("/")
++
++ return true if host == request.host
++ return false unless host.nil?
++ return false unless url.to_s.start_with?("/")
++ return !url.to_s.start_with?("//")
+ rescue ArgumentError, URI::Error
+ false
+ end
+diff --git a/actionpack/test/controller/redirect_test.rb b/actionpack/test/controller/redirect_test.rb
+index b0312e72da..91a8f8512b 100644
+--- a/actionpack/test/controller/redirect_test.rb
++++ b/actionpack/test/controller/redirect_test.rb
+@@ -80,6 +80,10 @@ def safe_redirect_back_with_status_and_fallback_location_to_another_host
+ redirect_back_or_to "http://www.rubyonrails.org/", status: 307, allow_other_host: false
+ end
+ 
++ def safe_redirect_to_root
++ redirect_to url_from("/")
++ end
++
+ def unsafe_redirect
+ redirect_to "http://www.rubyonrails.org/"
+ end
+@@ -92,6 +96,14 @@ def unsafe_redirect_malformed
+ redirect_to "http:///www.rubyonrails.org/"
+ end
+ 
++ def unsafe_redirect_protocol_relative_double_slash
++ redirect_to "//www.rubyonrails.org/"
++ end
++
++ def unsafe_redirect_protocol_relative_triple_slash
++ redirect_to "///www.rubyonrails.org/"
++ end
++
+ def only_path_redirect
+ redirect_to action: "other_host", only_path: true
+ end
+@@ -374,6 +386,12 @@ def test_safe_redirect_back_with_no_referer_redirects_to_another_host
+ assert_equal "http://www.rubyonrails.org/", redirect_to_url
+ end
+ 
++ def test_safe_redirect_to_root
++ get :safe_redirect_to_root
++
++ assert_equal "http://test.host/", redirect_to_url
++ end
++
+ def test_redirect_back_with_explicit_fallback_kwarg
+ referer = "http://www.example.com/coming/from"
+ @request.env["HTTP_REFERER"] = referer
+@@ -518,6 +536,26 @@ def test_unsafe_redirect_with_malformed_url
+ end
+ end
+ 
++ def test_unsafe_redirect_with_protocol_relative_double_slash_url
++ with_raise_on_open_redirects do
++ error = assert_raise(ActionController::Redirecting::UnsafeRedirectError) do
++ get :unsafe_redirect_protocol_relative_double_slash
++ end
++
++ assert_equal "Unsafe redirect to \"//www.rubyonrails.org/\", pass allow_other_host: true to redirect anyway.", error.message
++ end
++ end
++
++ def test_unsafe_redirect_with_protocol_relative_triple_slash_url
++ with_raise_on_open_redirects do
++ error = assert_raise(ActionController::Redirecting::UnsafeRedirectError) do
++ get :unsafe_redirect_protocol_relative_triple_slash
++ end
++
++ assert_equal "Unsafe redirect to \"///www.rubyonrails.org/\", pass allow_other_host: true to redirect anyway.", error.message
++ end
++ end
++
+ def test_only_path_redirect
+ with_raise_on_open_redirects do
+ get :only_path_redirect
+--
+2.35.1
+
diff --git a/rubygem-actionpack.spec b/rubygem-actionpack.spec
index 80b69dcf26efff7d3889e6b905f376a8611bed47..f335fd696d6bb30add6138ab3a4de2479a88a94e 100644
--- a/rubygem-actionpack.spec
+++ b/rubygem-actionpack.spec
@@ -4,7 +4,7 @@
 Name: rubygem-%{gem_name}
 Epoch: 1
 Version: 7.0.4
-Release: 1
+Release: 2
 Summary: Web-flow and rendering framework putting the VC in MVC (part of Rails)
 License: MIT
 URL: http://rubyonrails.org
@@ -22,6 +22,7 @@ Source2: rails-%{version}-tools.txz
 # Fixes for Minitest 5.16+
 # https://github.com/rails/rails/pull/45370
 Patch0: rubygem-actionpack-7.0.2.3-Fix-tests-for-minitest-5.16.patch
+Patch1: CVE-2023-22797.patch
 
 # Let's keep Requires and BuildRequires sorted alphabeticaly
 BuildRequires: ruby(release)
@@ -62,6 +63,7 @@ Documentation for %{name}.
 
 pushd %{_builddir}
 %patch0 -p2
+%patch1 -p2
 popd
 
 %build
@@ -104,13 +106,16 @@ popd
 %doc %{gem_instdir}/README.rdoc
 
 %changelog
+* Tue Feb 14 2023 jiangpeng - 1:7.0.4-2
+- Fix CVE-2023-22797
+
 * Fri Jan 20 2023 wangkai - 1:7.0.4-1
 - Upgrade to version 7.0.4
 
 * Thu Jun 30 2022 houyingchao - 1:6.1.4.1-2
 - Fix compilation failed
 
-* Thu May 03 2022 wangkerong - 6.1.4.1-1
+* Thu May 03 2022 wangkerong - 6.1.4.1-1
 - Upgrade to 6.1.4.1
 
 * Mon Jun 28 2021 wangyue - 5.2.4.4-3
@@ -119,7 +124,7 @@ popd
 * Fri Jun 11 2021 wangyue - 5.2.4.4-2
 - Fix CVE-2021-22885
 
-* Mon Feb 8 2021 sunguoshuai- 5.2.4.4-1
+* Mon Feb 8 2021 sunguoshuai - 5.2.4.4-1
 - Upgrade to 5.2.4.4
 
 * Sat Aug 8 2020 chengzihan - 5.2.3-1
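Review bot: The rewritten `_url_host_allowed?` in the redirecting.rb hunk still accepts a location on the strength of `host == request.host` alone, so a target such as `http://test.host:8080/` (another port on the same name) or an `http://` location served from an `https://` site passes the open-redirect check — scheme and port are never compared, which may be acceptable for an allow-list keyed on host but is worth stating. Rejection of odd same-origin-looking forms like `/\evil.com` rests entirely on `URI()` raising and the `rescue ArgumentError, URI::Error` branch returning false, which the new tests do not pin; a sibling of `test_unsafe_redirect_with_protocol_relative_double_slash_url` using that input would guard the implicit behaviour. I would also document the contract above the method: `# Accept only same-host URLs and path-relative locations ("/path"); protocol-relative "//host" and "///host" are refused, and anything URI cannot parse falls through to the rescue and is refused too.` The enclosing `Redirecting` module starts and ends outside the hunk.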
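Review bot: `%patch1 -p2` in the spec's %prep hunk inherits the `pushd %{_builddir}` and strip depth of `%patch0`, which fits a rails-monorepo patch whose paths begin with `a/actionpack/`, but `CVE-2023-22797.patch` also edits `actionpack/test/controller/redirect_test.rb`, so the build only applies it cleanly if the test tree is unpacked at that point — presumably it is, since Patch0 is also a test fix, but a scratch build should confirm rather than the first CI run. A one-line comment above the new `Patch1:` line, parallel to the Minitest one, would record provenance for the next backport: `# CVE-2023-22797: open redirect via protocol-relative URLs (rails/rails e50e26d7)`.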