diff --git a/libxml2-2.10.2.tar.xz b/libxml2-2.10.2.tar.xz
deleted file mode 100644
index fe43b9b..0000000
--- a/libxml2-2.10.2.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d240abe6da9c65cb1900dd9bf3a3501ccf88b3c2a1cb98317d03f272dda5b265
-size 2636304
diff --git a/libxml2-2.10.3.tar.xz b/libxml2-2.10.3.tar.xz
new file mode 100644
index 0000000..45fc7a9
--- /dev/null
+++ b/libxml2-2.10.3.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5d2cc3d78bec3dbe212a9d7fa629ada25a7da928af432c93060ff5c17ee28a9c
+size 2639908
diff --git a/libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch b/libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch
index 9f428a5..8d04bc8 100644
--- a/libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch
+++ b/libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch
@@ -2,9 +2,11 @@
  xpath.c |   40 +++++++++++++++++++++++++++++-----------
  1 file changed, 29 insertions(+), 11 deletions(-)
 
---- a/xpath.c
-+++ b/xpath.c
-@@ -126,14 +126,32 @@
+Index: libxml2-2.10.3/xpath.c
+===================================================================
+--- libxml2-2.10.3.orig/xpath.c
++++ libxml2-2.10.3/xpath.c
+@@ -113,14 +113,32 @@
  #define XPATH_MAX_STACK_DEPTH 1000000
  
  /*
@@ -42,7 +44,7 @@
  
  /*
   * XPATH_MAX_RECRUSION_DEPTH:
-@@ -3683,7 +3701,7 @@ xmlXPathNodeSetAddNs(xmlNodeSetPtr cur,
+@@ -3689,7 +3707,7 @@ xmlXPathNodeSetAddNs(xmlNodeSetPtr cur,
      } else if (cur->nodeNr == cur->nodeMax) {
          xmlNodePtr *temp;
  
@@ -51,7 +53,7 @@
              xmlXPathErrMemory(NULL, "growing nodeset hit limit\n");
              return(-1);
          }
-@@ -3739,7 +3757,7 @@ xmlXPathNodeSetAdd(xmlNodeSetPtr cur, xm
+@@ -3745,7 +3763,7 @@ xmlXPathNodeSetAdd(xmlNodeSetPtr cur, xm
      } else if (cur->nodeNr == cur->nodeMax) {
          xmlNodePtr *temp;
  
@@ -60,7 +62,7 @@
              xmlXPathErrMemory(NULL, "growing nodeset hit limit\n");
              return(-1);
          }
-@@ -3794,7 +3812,7 @@ xmlXPathNodeSetAddUnique(xmlNodeSetPtr c
+@@ -3800,7 +3818,7 @@ xmlXPathNodeSetAddUnique(xmlNodeSetPtr c
      } else if (cur->nodeNr == cur->nodeMax) {
          xmlNodePtr *temp;
  
@@ -69,7 +71,7 @@
              xmlXPathErrMemory(NULL, "growing nodeset hit limit\n");
              return(-1);
          }
-@@ -3911,7 +3929,7 @@ xmlXPathNodeSetMerge(xmlNodeSetPtr val1,
+@@ -3917,7 +3935,7 @@ xmlXPathNodeSetMerge(xmlNodeSetPtr val1,
  	} else if (val1->nodeNr == val1->nodeMax) {
  	    xmlNodePtr *temp;
  
@@ -78,7 +80,7 @@
                  xmlXPathErrMemory(NULL, "merging nodeset hit limit\n");
                  return(NULL);
              }
-@@ -3997,7 +4015,7 @@ xmlXPathNodeSetMergeAndClear(xmlNodeSetP
+@@ -4003,7 +4021,7 @@ xmlXPathNodeSetMergeAndClear(xmlNodeSetP
  	    } else if (set1->nodeNr >= set1->nodeMax) {
  		xmlNodePtr *temp;
  
@@ -87,7 +89,7 @@
                      xmlXPathErrMemory(NULL, "merging nodeset hit limit\n");
                      return(NULL);
                  }
-@@ -4051,7 +4069,7 @@ xmlXPathNodeSetMergeAndClearNoDupls(xmlN
+@@ -4057,7 +4075,7 @@ xmlXPathNodeSetMergeAndClearNoDupls(xmlN
  	    } else if (set1->nodeNr >= set1->nodeMax) {
  		xmlNodePtr *temp;
  
diff --git a/libxml2-python3-string-null-check.patch b/libxml2-python3-string-null-check.patch
index 4a43603..621e92b 100644
--- a/libxml2-python3-string-null-check.patch
+++ b/libxml2-python3-string-null-check.patch
@@ -11,9 +11,11 @@ invalid string.
  python/types.c |    4 ++++
  1 file changed, 4 insertions(+)
 
---- a/python/types.c
-+++ b/python/types.c
-@@ -150,6 +150,10 @@ libxml_charPtrConstWrap(const char *str)
+Index: libxml2-2.10.3/python/types.c
+===================================================================
+--- libxml2-2.10.3.orig/python/types.c
++++ libxml2-2.10.3/python/types.c
+@@ -274,6 +274,10 @@ libxml_charPtrConstWrap(const char *str)
          return (Py_None);
      }
      ret = PY_IMPORT_STRING(str);
diff --git a/libxml2.changes b/libxml2.changes
index 780cbc3..91733e2 100644
--- a/libxml2.changes
+++ b/libxml2.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Fri Oct 14 15:04:09 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Update to version 2.10.3:
+  + Security:
+    - [CVE-2022-40304] Fix dict corruption caused by entity
+      reference cycles
+    - [CVE-2022-40303] Fix integer overflows with XML_PARSE_HUGE
+    - Fix overflow check in SAX2.c
+  + Build system: cmake: Set SOVERSION
+- Rebase patches with quilt.
+
 -------------------------------------------------------------------
 Thu Sep  1 15:13:08 UTC 2022 - Pedro Monreal <pmonreal@suse.com>
 
diff --git a/libxml2.spec b/libxml2.spec
index 714f67c..c7a2eb8 100644
--- a/libxml2.spec
+++ b/libxml2.spec
@@ -25,7 +25,7 @@
 %endif
 
 Name:           libxml2%{?dash}%{flavor}
-Version:        2.10.2
+Version:        2.10.3
 Release:        0
 License:        MIT
 Summary:        A Library to Manipulate XML Files