diff --git a/SOURCES/File-Find-Rule-0.34-Fix-for-CVE-2011-10007-Use-3-arg-open-in-grep.patch b/SOURCES/File-Find-Rule-0.34-Fix-for-CVE-2011-10007-Use-3-arg-open-in-grep.patch
new file mode 100644
index 0000000..382ed66
--- /dev/null
+++ b/SOURCES/File-Find-Rule-0.34-Fix-for-CVE-2011-10007-Use-3-arg-open-in-grep.patch
@@ -0,0 +1,25 @@
+From df58128bcee4c1da78c34d7f3fe1357e575ad56f Mon Sep 17 00:00:00 2001
+From: Stig Palmquist <git@stig.io>
+Date: Thu, 5 Jun 2025 12:58:45 +0200
+Subject: [PATCH] Fix for CVE-2011-10007: Use 3 arg open in grep()`
+
+---
+ lib/File/Find/Rule.pm | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/File/Find/Rule.pm b/lib/File/Find/Rule.pm
+index feccc76..d4dc475 100644
+--- a/lib/File/Find/Rule.pm
++++ b/lib/File/Find/Rule.pm
+@@ -420,7 +420,7 @@ sub grep {
+ 
+     $self->exec( sub {
+         local *FILE;
+-        open FILE, $_ or return;
++        open FILE, '<', $_ or return;
+         local ($_, $.);
+         while (<FILE>) {
+             for my $p (@pattern) {
+-- 
+2.49.0
+
diff --git a/SPECS/perl-File-Find-Rule.spec b/SPECS/perl-File-Find-Rule.spec
index 8d061dd..b1a0eee 100644
--- a/SPECS/perl-File-Find-Rule.spec
+++ b/SPECS/perl-File-Find-Rule.spec
@@ -1,30 +1,59 @@
-Name: 		perl-File-Find-Rule
-Version: 	0.34
-Release: 	8%{?dist}
-Summary: 	Perl module implementing an alternative interface to File::Find
-License: 	GPL+ or Artistic
-Group: 		Development/Libraries
-URL: 		http://search.cpan.org/dist/File-Find-Rule/
-Source0: 	http://www.cpan.org/authors/id/R/RC/RCLAMP/File-Find-Rule-%{version}.tar.gz
+Name:           perl-File-Find-Rule
+Version:        0.34
+Release:        9%{?dist}
+Summary:        Perl module implementing an alternative interface to File::Find
+License:        GPL+ or Artistic
+Group:          Development/Libraries
+URL:            http://search.cpan.org/dist/File-Find-Rule/
+Source0:        http://www.cpan.org/authors/id/R/RC/RCLAMP/File-Find-Rule-%{version}.tar.gz
+Patch0:         File-Find-Rule-0.34-Fix-for-CVE-2011-10007-Use-3-arg-open-in-grep.patch
 
-BuildArch: 	noarch
-BuildRequires:	perl-interpreter
-BuildRequires:	perl-generators
+BuildArch:      noarch
+BuildRequires:  coreutils
+BuildRequires:  make
+BuildRequires:  perl-generators
+BuildRequires:  perl-interpreter
+BuildRequires:  perl(Carp)
 BuildRequires:  perl(ExtUtils::MakeMaker)
 BuildRequires:  perl(File::Find)
 BuildRequires:  perl(File::Spec)
-BuildRequires: 	perl(Number::Compare)
-BuildRequires: 	perl(Text::Glob)
+BuildRequires:  perl(File::Spec::Functions)
+BuildRequires:  perl(lib)
+BuildRequires:  perl(Number::Compare)
+BuildRequires:  perl(strict)
 BuildRequires:  perl(Test::More) >= 0.07
+BuildRequires:  perl(Text::Glob)
+BuildRequires:  perl(vars)
+BuildRequires:  perl(warnings)
+# Optional tests
+BuildRequires:  perl(Test::Differences)
 
-Requires:  	perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
+Requires:       perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
+
+%global __provides_exclude_from %{?__provides_exclude_from:%__provides_exclude_from|}^%{_libexecdir}
 
 %description
 File::Find::Rule is a friendlier interface to File::Find.  It allows
 you to build rules which specify the desired files and directories.
 
+%package tests
+Summary:        Tests for %{name}
+Requires:       %{name} = %{?epoch:%{epoch}:}%{version}-%{release}
+Requires:       perl(Test::Differences)
+Requires:       perl-Test-Harness
+
+%description tests
+Tests from %{name}. Execute them
+with "%{_libexecdir}/%{name}/test".
+
 %prep
 %setup -q -n File-Find-Rule-%{version}
+%patch -P0 -p1
+# Help generators to recognize Perl scripts
+for F in t/*.t; do
+    perl -i -MConfig -ple 'print $Config{startperl} if $. == 1 && !s{\A#!.*perl\b}{$Config{startperl}}' "$F"
+    chmod +x "$F"
+done
 
 %build
 %{__perl} Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1
@@ -32,7 +61,17 @@ make %{?_smp_mflags}
 
 %install
 make pure_install PERL_INSTALL_ROOT=$RPM_BUILD_ROOT
-chmod -R u+w $RPM_BUILD_ROOT/*
+%{_fixperms} $RPM_BUILD_ROOT/*
+
+# Install tests
+mkdir -p $RPM_BUILD_ROOT/%{_libexecdir}/%{name}
+cp -a t testdir $RPM_BUILD_ROOT/%{_libexecdir}/%{name}
+ln -s %{_bindir}/findrule %{buildroot}%{_libexecdir}/%{name}/
+cat > $RPM_BUILD_ROOT/%{_libexecdir}/%{name}/test << 'EOF'
+#!/bin/sh
+cd %{_libexecdir}/%{name} && exec prove -I . -j "$(getconf _NPROCESSORS_ONLN)"
+EOF
+chmod +x $RPM_BUILD_ROOT/%{_libexecdir}/%{name}/test
 
 %check
 make test
@@ -40,11 +79,18 @@ make test
 %files
 %doc Changes
 %{_bindir}/findrule
-%{_mandir}/man1/*
+%{_mandir}/man1/findrule*
 %{perl_vendorlib}/File
-%{_mandir}/man3/*
+%{_mandir}/man3/File::Find::Rule*
+
+%files tests
+%{_libexecdir}/%{name}
 
 %changelog
+* Fri Jun 06 2025 Jitka Plesnikova <jplesnik@redhat.com> - 0.34-9
+- Use 3 arg open in grep() (CVE-2011-10007)
+- Package tests
+
 * Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.34-8
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild