diff --git a/ansible-2.9.11.tar.gz b/ansible-2.9.11.tar.gz
deleted file mode 100644
index b8cc2d2..0000000
--- a/ansible-2.9.11.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:88f9d033ece7fd51eca3abb4f02e13b63c924b97f9705a997d5a711c0cf42ab1
-size 14243995
diff --git a/ansible-2.9.11.tar.gz.sha b/ansible-2.9.11.tar.gz.sha
deleted file mode 100644
index ea5862f..0000000
--- a/ansible-2.9.11.tar.gz.sha
+++ /dev/null
@@ -1 +0,0 @@
-88f9d033ece7fd51eca3abb4f02e13b63c924b97f9705a997d5a711c0cf42ab1  ansible-2.9.11.tar.gz
diff --git a/ansible-2.9.12.tar.gz b/ansible-2.9.12.tar.gz
new file mode 100644
index 0000000..a2373ec
--- /dev/null
+++ b/ansible-2.9.12.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7e95ddf719190b068fafc7d7c7877c218054cc5da4f6d9d794faf7bc66dab774
+size 14260349
diff --git a/ansible-2.9.12.tar.gz.sha b/ansible-2.9.12.tar.gz.sha
new file mode 100644
index 0000000..39019ab
--- /dev/null
+++ b/ansible-2.9.12.tar.gz.sha
@@ -0,0 +1 @@
+7e95ddf719190b068fafc7d7c7877c218054cc5da4f6d9d794faf7bc66dab774  ansible-2.9.12.tar.gz
diff --git a/ansible.changes b/ansible.changes
index bd363de..3ad6838 100644
--- a/ansible.changes
+++ b/ansible.changes
@@ -1,3 +1,23 @@
+-------------------------------------------------------------------
+Tue Aug 11 05:09:36 UTC 2020 - Michael Ströder <michael@stroeder.com>
+
+- update to version 2.9.12 with many bug fixes,
+  most notably the following security fixes:
+  * security issue - copy - Redact the value of the no_log 'content' 
+    parameter in the result's invocation.module_args in check mode. 
+    Previously when used with check mode and with '-vvv', the module would 
+    not censor the content if a change would be made to the destination path. 
+    (CVE-2020-14332)
+  * security issue atomic_move - change default permissions when creating 
+    temporary files so they are not world readable 
+    (https://github.com/ansible/ansible/issues/67794) (CVE-2020-1736)
+  * Fix warning for default permission change when no mode is specified. 
+    Follow up to https://github.com/ansible/ansible/issues/67794. 
+    (CVE-2020-1736)
+  * Sanitize no_log values from any response keys that might be returned 
+    from the uri module (CVE-2020-14330).
+  * reset logging level to INFO due to CVE-2019-14846.
+
 -------------------------------------------------------------------
 Tue Jul 21 04:48:11 UTC 2020 - Michael Ströder <michael@stroeder.com>
 
diff --git a/ansible.spec b/ansible.spec
index 42a9061..01ef45a 100644
--- a/ansible.spec
+++ b/ansible.spec
@@ -220,7 +220,7 @@ Recommends:     %{python}-six
 Recommends:     sshpass
 %endif
 Name:           ansible
-Version:        2.9.11
+Version:        2.9.12
 Release:        0
 Summary:        SSH-based configuration management, deployment, and task execution system
 License:        GPL-3.0-or-later