diff --git a/cronie-1.5.2.tar.gz b/cronie-1.5.2.tar.gz
deleted file mode 100644
index 46d9921..0000000
--- a/cronie-1.5.2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:28cfdc6cc7df304dced6d0d0543767d8d22926f669a28d650c0513c168183eb4
-size 121604
diff --git a/cronie-1.5.3.tar.gz b/cronie-1.5.3.tar.gz
new file mode 100644
index 0000000..532b20f
--- /dev/null
+++ b/cronie-1.5.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1cb51ef28e079153227ff3d0de8e876863e9b57b25642ced37df48769960fe20
+size 122363
diff --git a/cronie-nheader_lines.diff b/cronie-nheader_lines.diff
index 380638c..57beb41 100644
--- a/cronie-nheader_lines.diff
+++ b/cronie-nheader_lines.diff
@@ -2,7 +2,7 @@ Index: src/crontab.c =================================================================== --- src/crontab.c.orig +++ src/crontab.c -@@ -65,7 +65,7 @@ +@@ -64,7 +64,7 @@ #include "pathnames.h" #include "structs.h"
@@ -11,7 +11,7 @@ Index: src/crontab.c enum opt_t {opt_unknown, opt_list, opt_delete, opt_edit, opt_replace, opt_hostset, opt_hostget}; -@@ -475,7 +475,7 @@ static void edit_cmd(void) { +@@ -485,7 +485,7 @@ static void edit_cmd(void) { char n[MAX_FNAME], q[MAX_TEMPSTR]; const char *editor; FILE *f;
@@ -20,7 +20,7 @@ Index: src/crontab.c struct stat statbuf; struct utimbuf utimebuf; WAIT_T waiter; -@@ -527,13 +527,25 @@ static void edit_cmd(void) { +@@ -537,13 +537,25 @@ static void edit_cmd(void) { } Set_LineNum(1)
@@ -53,15 +53,15 @@ Index: src/crontab.c while (EOF != (ch = get_char(f))) putc(ch, NewCrontab); -@@ -741,6 +753,7 @@ static int replace_cmd(void) { +@@ -751,6 +763,7 @@ static int replace_cmd(void) { int error = 0; entry *e; uid_t file_owner; + time_t now = time(NULL); char **envp; char *safename; - -@@ -770,10 +783,10 @@ static int replace_cmd(void) { + int envs = 0, entries = 0; +@@ -781,10 +794,10 @@ * * VERY IMPORTANT: make sure NHEADER_LINES agrees with this code. */
diff --git a/cronie-pam_config.diff b/cronie-pam_config.diff
index 8d6811d..ae0793d 100644
--- a/cronie-pam_config.diff
+++ b/cronie-pam_config.diff
@@ -1,16 +1,16 @@ -Index: cronie-cronie-1.5.2/pam/crond +Index: cronie-cronie-1.5.3/pam/crond =================================================================== ---- cronie-cronie-1.5.2.orig/pam/crond -+++ cronie-cronie-1.5.2/pam/crond +--- cronie-cronie-1.5.3.orig/pam/crond ++++ cronie-cronie-1.5.3/pam/crond @@ -4,8 +4,9 @@ # # Although no PAM authentication is called, auth modules # are used for credential setting --auth include password-auth +-auth include system-auth -account required pam_access.so --account include password-auth +-account include system-auth -session required pam_loginuid.so --session include password-auth +-session include system-auth +auth sufficient pam_rootok.so +account sufficient pam_listfile.so item=user sense=allow file=/etc/cron.allow onerr=succeed quiet +auth include common-auth
diff --git a/cronie.changes b/cronie.changes
index 52db1e2..2ea17f6 100644
--- a/cronie.changes
+++ b/cronie.changes
@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Sun Mar 17 10:37:44 UTC 2019 - Kristýna Streitová
+
+- update to 1.5.3
+ * Fix CVE-2019-9704 [bnc#1128937] and CVE-2019-9705 [bnc#1128935]
+ to avoid local DoS of the crond
+ * crontab: Make crontab without arguments fail
+ * crond: In PAM configuration include system-auth instead of
+ password-auth
+ * crond: In the systemd service file restart crond if it fails
+ * crond: Use the role from the crond context for system job
+ contexts
+ * Multiple small cleanups and fixes.
+- refresh cronie-nheader_lines.diff and cronie-pam_config.diff
+
 -------------------------------------------------------------------
 Wed Feb 6 15:47:40 UTC 2019 - Cristian Rodríguez
diff --git a/cronie.spec b/cronie.spec
index 9892489..1a90bdb 100644
--- a/cronie.spec
+++ b/cronie.spec
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
-# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
@@ -23,7 +23,7 @@
 %define cron_configs %{_sysconfdir}/pam.d/crond %{_sysconfdir}/crontab %{_sysconfdir}/cron.deny
 Name: cronie
-Version: 1.5.2
+Version: 1.5.3
 Release: 0
 Summary: Cron Daemon
 License: BSD-3-Clause AND GPL-2.0-only AND MIT
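Review bot: The header comment in the first cronie.spec hunk now reads `# Please submit bugfixes or comments via http://bugs.opensuse.org/`, while the line it replaces used `https://`, so the bug-report link is downgraded to cleartext as a side effect of the version update. Nothing in the changelog entry mentions this, which suggests the spec header was regenerated from an older template; that is an inference from the diff alone. Keep the previous line, `# Please submit bugfixes or comments via https://bugs.opensuse.org/`, so that the only change to this file is the `Version: 1.5.3` bump in the second hunk.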