diff --git a/meta-ohos-core/recipes-extended/diffutils/diffutils_%.bbappend b/meta-ohos-core/recipes-extended/diffutils/diffutils_%.bbappend
new file mode 100644
index 0000000000000000000000000000000000000000..b596b65db2710a3a8d4940de332b0eb4c36ab379
--- /dev/null
+++ b/meta-ohos-core/recipes-extended/diffutils/diffutils_%.bbappend
@@ -0,0 +1,11 @@
+# SPDX-FileCopyrightText: Huawei Inc.
+# SPDX-License-Identifier: Apache-2.0
+
+# diffutils uses non-literal format strings in a few places.
+# This has been verified to be harmless in 3.7
+#
+# Removing -Werror=format-nonliteral here allows us to use
+# -Werror=format-nonliteral globally in OPTIMIZE_FOR=security mode
+# while keeping diffutils building.
+
+TARGET_CFLAGS_remove = "-Werror=format-nonliteral"