diff --git a/xmlsec1-1.2.37.tar.gz b/xmlsec1-1.2.37.tar.gz
deleted file mode 100644
index d0b24c5..0000000
--- a/xmlsec1-1.2.37.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5f8dfbcb6d1e56bddd0b5ec2e00a3d0ca5342a9f57c24dffde5c796b2be2871c
-size 2009175
diff --git a/xmlsec1-1.2.37.tar.gz.sig b/xmlsec1-1.2.37.tar.gz.sig
deleted file mode 100644
index b5b7037..0000000
Binary files a/xmlsec1-1.2.37.tar.gz.sig and /dev/null differ
diff --git a/xmlsec1-1.2.40.tar.gz b/xmlsec1-1.2.40.tar.gz
new file mode 100644
index 0000000..06937e6
--- /dev/null
+++ b/xmlsec1-1.2.40.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0290c7ec52e80d60e209928da33a95436a2264755255b780d52c438e6105dd31
+size 2057329
diff --git a/xmlsec1-1.2.40.tar.gz.sig b/xmlsec1-1.2.40.tar.gz.sig
new file mode 100644
index 0000000..f0c439e
Binary files /dev/null and b/xmlsec1-1.2.40.tar.gz.sig differ
diff --git a/xmlsec1-ui_null.patch b/xmlsec1-ui_null.patch
new file mode 100644
index 0000000..b0acdf1
--- /dev/null
+++ b/xmlsec1-ui_null.patch
@@ -0,0 +1,20 @@
+--- xmlsec1-1.2.33/src/openssl/app.c	2022-01-28 07:47:11.922603482 +0100
++++ xmlsec1-1.2.33/src/openssl/app.c	2022-01-28 08:18:12.786240295 +0100
+@@ -437,7 +437,7 @@
+         }
+     }
+ 
+-    if(ENGINE_ctrl_cmd(engine, "SET_USER_INTERFACE", 0, (void *)UI_null(), 0, 1) < 0) {
++    if(ENGINE_ctrl_cmd(engine, "SET_USER_INTERFACE", 0, (void *)0, 0, 1) < 0) {
+         xmlSecOpenSSLError("ENGINE_ctrl_cmd_string(SET_USER_INTERFACE)", NULL);
+         goto done;
+     }
+@@ -453,7 +453,7 @@
+ 
+     /* load private key */
+     pKey = ENGINE_load_private_key(engine, engineKeyId,
+-                                   (UI_METHOD *)UI_null(),
++                                   (UI_METHOD *)0,
+                                    NULL);
+     if(pKey == NULL) {
+         xmlSecOpenSSLError("ENGINE_load_private_key", NULL);
diff --git a/xmlsec1.changes b/xmlsec1.changes
index d0299c0..87f2977 100644
--- a/xmlsec1.changes
+++ b/xmlsec1.changes
@@ -1,3 +1,51 @@
+-------------------------------------------------------------------
+Fri Jul 12 06:09:16 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
+
+- Update to 1.2.40 
+  The legacy XML Security Library 1.2.40 release includes the following changes:
+  * (xmlsec-core) Fixed functions deprecated in LibXML2 2.13.1 (including disabling HTTP support by default).
+  * (xmlsec-nss) Increased keys size in all tests to support NSS 3.101.
+  * (windows) Added "ftp" and "http" flags in 'configure.js' (both are disabled by default).
+  * Several other small fixes (more details).
+
+- Update to 1.2.39
+  The legacy XML Security Library 1.2.39 release includes the following changes:
+  * Added options to enable/disable local files, HTTP, and FTP support. FTP is disabled by default.
+  * Several other small fixes (more details).
+
+- Remove upstreamed xmlsec1-gcc14.patch
+
+-------------------------------------------------------------------
+Fri May 24 17:15:05 UTC 2024 - Fridrich Strba <fstrba@suse.com>
+
+- Added patch:
+  * xmlsec1-gcc14.patch
+    + add missing include and fix gcc14 build
+
+-------------------------------------------------------------------
+Mon Feb 26 12:24:45 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Use %patch -P N instead of deprecated %patchN.
+
+-------------------------------------------------------------------
+Fri Dec 15 06:33:23 UTC 2023 - Fridrich Strba <fstrba@suse.com>
+
+- Update to 1.2.38
+  * Have a look at the changelog for the list of changes
+
+-------------------------------------------------------------------
+Thu Nov 30 14:49:16 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Make use of openSUSE build flags
+
+-------------------------------------------------------------------
+Tue Aug  8 15:41:15 UTC 2023 - Fridrich Strba <fstrba@suse.com>
+
+- Added patch:
+  * xmlsec1-ui_null.patch
+    + fix build with older versions of openssl that don't have
+      UI_null() method
+
 -------------------------------------------------------------------
 Wed Feb  1 09:23:37 UTC 2023 - Dirk Müller <dmueller@suse.com>
 
diff --git a/xmlsec1.spec b/xmlsec1.spec
index 1a4885e..2ba5e7e 100644
--- a/xmlsec1.spec
+++ b/xmlsec1.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package xmlsec1
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -23,7 +23,7 @@
 %global libgnutls  libxmlsec1-gnutls1
 %global libnss     libxmlsec1-nss1
 Name:           xmlsec1
-Version:        1.2.37
+Version:        1.2.40
 Release:        0
 Summary:        Library providing support for "XML Signature" and "XML Encryption" standards
 License:        MIT
@@ -32,6 +32,7 @@ Source0:        https://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.tar.g
 Source1:        https://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.sig#/xmlsec1-%{version}.tar.gz.sig
 Source2:        %{name}.keyring
 Source99:       xmlsec1-rpmlintrc
+Patch0:         xmlsec1-ui_null.patch
 BuildRequires:  libgcrypt-devel
 BuildRequires:  libtool
 # Needed certutil for tests
@@ -140,16 +141,18 @@ Requires:       mozilla-nss-devel >= 3.2
 Libraries, includes, etc. for developing XML Security applications with NSS.
 
 %prep
-%autosetup -p1
+%setup -q
+%if 0%{?suse_version} < 1500
+%patch -P 0 -p1
+%endif
 
 %build
 # Allow for deprecations
-export CFLAGS="-Wno-error=deprecated-declarations"
-export CXXFLAGS="-Wno-error=deprecated-declarations"
+export CFLAGS="%{optflags} -Wno-error=deprecated-declarations -std=c99"
+export CXXFLAGS="%{optflags} -Wno-error=deprecated-declarations"
 %configure \
     --disable-static \
     --disable-silent-rules \
-    --enable-werror \
     --disable-md5
 %make_build