diff --git a/_servicedata b/_servicedata
index bcc12e3..4e16731 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,5 +1,5 @@
 https://github.com/openSUSE/aaa_base.git
- fbabe1d9dfff899e79fccf92703bbbbc20890e36
+ 742565b964545a2618f0809a3219cf0cdf185cd3
\ No newline at end of file
diff --git a/aaa_base-84.87+git20240821.fbabe1d.tar b/aaa_base-84.87+git20240906.742565b.tar
similarity index 91%
rename from aaa_base-84.87+git20240821.fbabe1d.tar
rename to aaa_base-84.87+git20240906.742565b.tar
index f1ba0c0..705e483 100644
Binary files a/aaa_base-84.87+git20240821.fbabe1d.tar and b/aaa_base-84.87+git20240906.742565b.tar differ
diff --git a/aaa_base.changes b/aaa_base.changes
index 32173c9..1be402e 100644
--- a/aaa_base.changes
+++ b/aaa_base.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Fri Sep 06 09:04:40 UTC 2024 - dmueller@suse.com
+
+- Update to version 84.87+git20240906.742565b:
+ * yama-enable-ptrace: enforce changed behavior upon installation (bsc#1221763)
+ * Avoid unnecessary /bin/bash dependency
+ * sysctl: Fixup of not setting kernel.pid_max on 32b archs (bsc#1227117)
+
 -------------------------------------------------------------------
 Wed Aug 21 08:51:24 UTC 2024 - kukuk@suse.com
diff --git a/aaa_base.spec b/aaa_base.spec
index 4cc34fc..edb68b2 100644
--- a/aaa_base.spec
+++ b/aaa_base.spec
@@ -33,7 +33,7 @@ BuildRequires: git-core
 %endif
 Name: aaa_base
-Version: 84.87+git20240821.fbabe1d%{git_version}
+Version: 84.87+git20240906.742565b%{git_version}
 Release: 0
 Summary: openSUSE Base Package
 License: GPL-2.0-or-later
@@ -193,6 +193,22 @@ fi
 %postun extras
 %service_del_postun backup-rpmdb.service backup-rpmdb.timer backup-sysconfig.service backup-sysconfig.timer check-battery.service check-battery.timer
+%post yama-enable-ptrace
+# check if yama is active
+if [ -f /proc/sys/kernel/yama/ptrace_scope ]; then
+ # automatically disable ptrace protection upon install if systemd is not
+ # available. Usually system will automatically apply the setting
+ if ! type -p systemd-notify > /dev/null || ! systemd-notify --booted; then
+ # don't do it on transactional systems to avoid altering the state of the
+ # system before reboot
+ if [ -z "${TRANSACTIONAL_UPDATE}" ]; then
+ # can't use sysctl since that would cause us to require procps, which is
+ # bad for container size
+ echo 0 > /proc/sys/kernel/yama/ptrace_scope || :
+ fi
+ fi
+fi
+
 %files
 %license COPYING
 %ghost %config(noreplace) /etc/sysctl.conf
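Review bot: The `type -p systemd-notify` test in the new `%post yama-enable-ptrace` scriptlet relies on a bash extension. If the scriptlet is ever run by a POSIX `/bin/sh` without `-p`, the test would presumably fail, the negation would succeed, and `ptrace_scope` would be written on a booted systemd host too, which is the case the comment leaves to the regular sysctl handling. `if ! command -v systemd-notify > /dev/null 2>&1 || ! systemd-notify --booted; then` keeps the intent without depending on bash. The `echo 0` also overwrites whatever value is currently set, so a host where an administrator raised the scope above the default is relaxed at install time with no message. A comment such as `# intentionally overrides any stricter runtime value; the write is rejected when the scope is locked` would put that hardening trade-off on record for the next maintainer.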