diff --git a/.gitignore b/.gitignore
index 2bed46e..109acdc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -26,3 +26,4 @@ gnutls-2.10.1-nosrp.tar.bz2
 /gnutls-3.1.11-hobbled.tar.xz
 /gnutls-3.1.13-hobbled.tar.xz
 /gnutls-3.1.13-hobbled-el.tar.xz
+/gnutls-3.1.15-hobbled.tar.xz
diff --git a/gnutls.spec b/gnutls.spec
index ceb9e0d..d4d61d3 100644
--- a/gnutls.spec
+++ b/gnutls.spec
@@ -2,8 +2,8 @@
 %bcond_with guile
 Summary: A TLS protocol implementation
 Name: gnutls
-Version: 3.1.13
-Release: 3%{?dist}
+Version: 3.1.15
+Release: 1%{?dist}
 # The libraries are LGPLv2.1+, utilities are GPLv3+, however
 # the bundled gnulib is LGPLv3+
 License: GPLv3+ and LGPLv2+ and LGPLv3+
@@ -22,7 +22,7 @@ URL: http://www.gnutls.org/
 #Source0: ftp://ftp.gnutls.org/gcrypt/gnutls/%{name}-%{version}.tar.xz
 #Source1: ftp://ftp.gnutls.org/gcrypt/gnutls/%{name}-%{version}.tar.xz.sig
 # XXX patent tainted code removed.
-Source0: %{name}-%{version}-hobbled-el.tar.xz
+Source0: %{name}-%{version}-hobbled.tar.xz
 Source1: libgnutls-config
 Source2: hobble-gnutls
 Source3: ecc.c
@@ -257,6 +257,10 @@ fi
 %endif
 
 %changelog
+* Fri Oct 25 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.15-1
+- new upstream release
+- fixes CVE-2013-4466 buffer overflow in handling DANE entries
+
 * Wed Oct 16 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.13-3
 - enable ECC NIST Suite B curves
 
diff --git a/sources b/sources
index 0e3c477..0a2aabc 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-17d3ed05939acbe443bf22a0d5998e63  gnutls-3.1.13-hobbled-el.tar.xz
+bdbdbbf42f97bc8fd72d83ab44a62fbd  gnutls-3.1.15-hobbled.tar.xz