diff --git a/python-Werkzeug.changes b/python-Werkzeug.changes
index 69fc2ab..3834c4a 100644
--- a/python-Werkzeug.changes
+++ b/python-Werkzeug.changes
@@ -1,3 +1,36 @@
+-------------------------------------------------------------------
+Mon Oct 28 12:57:32 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Update to 3.0.6 (bsc#1232449, CVE-2024-49767):
+  * Fix how max_form_memory_size is applied when parsing large
+    non-file fields. GHSA-q34m-jh98-gwm2
+  * safe_join catches certain paths on Windows that were not caught by
+    ntpath.isabs on Python < 3.11. GHSA-f9vj-2wh5-fj8j
+- 3.0.5:
+  * The Watchdog reloader ignores file closed no write events. #2945
+  * Logging works with client addresses containing an IPv6 scope.
+    #2952
+  * Ignore invalid authorization parameters. #2955
+  * Improve type annotation fore SharedDataMiddleware. #2958
+  * Compatibility with Python 3.13 when generating debugger pin and
+    the current UID does not have an associated name. #2957
+
+-------------------------------------------------------------------
+Mon Aug 26 14:36:39 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
+
+- Update to 3.0.4
+  * Restore behavior where parsing `multipart/x-www-form-urlencoded` data with
+    invalid UTF-8 bytes in the body results in no form data parsed rather than a
+    413 error. :issue:`2930`
+  * Improve ``parse_options_header`` performance when parsing unterminated
+    quoted string values. :issue:`2904`
+  * Debugger pin auth is synchronized across threads/processes when tracking
+    failed entries. :issue:`2916`
+  * Dev server handles unexpected `SSLEOFError` due to issue in Python < 3.13.
+    :issue:`2926`
+  * Debugger pin auth works when the URL already contains a query string.
+    :issue:`2918`
+
 -------------------------------------------------------------------
 Tue May  7 06:01:38 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
 
diff --git a/python-Werkzeug.spec b/python-Werkzeug.spec
index 4e2b145..e03d273 100644
--- a/python-Werkzeug.spec
+++ b/python-Werkzeug.spec
@@ -27,7 +27,7 @@
 
 %{?sle15_python_module_pythons}
 Name:           python-Werkzeug%{psuffix}
-Version:        3.0.3
+Version:        3.0.6
 Release:        0
 Summary:        The Swiss Army knife of Python web development
 License:        BSD-3-Clause
@@ -109,6 +109,7 @@ donttest+=" or test_wrong_protocol"
 donttest+=" or test_content_type_and_length"
 donttest+=" or test_multiple_headers_concatenated"
 donttest+=" or test_multiline_header_folding"
+donttest+=" or test_host_with_ipv6_scope"
 %pytest -k "not ($donttest)"
 %endif
 
diff --git a/werkzeug-3.0.3.tar.gz b/werkzeug-3.0.3.tar.gz
deleted file mode 100644
index ef5d5e4..0000000
--- a/werkzeug-3.0.3.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:097e5bfda9f0aba8da6b8545146def481d06aa7d3266e7448e2cccf67dd8bd18
-size 803342
diff --git a/werkzeug-3.0.6.tar.gz b/werkzeug-3.0.6.tar.gz
new file mode 100644
index 0000000..c48fd90
--- /dev/null
+++ b/werkzeug-3.0.6.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a8dd59d4de28ca70471a34cba79bed5f7ef2e036a76b3ab0835474246eb41f8d
+size 805170