diff --git a/_service b/_service
index 8eb763d..3eb9367 100644
--- a/_service
+++ b/_service
@@ -4,7 +4,7 @@
     <param name="scm">git</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="changesgenerate">enable</param>
-    <param name="revision">refs/tags/1.2.0</param>
+    <param name="revision">refs/tags/1.2.3</param>
   </service>
   <service name="recompress" mode="disabled">
     <param name="file">*.tar</param>
diff --git a/_servicedata b/_servicedata
index 0b03d64..39ac01b 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/flatpak/flatpak.git</param>
-              <param name="changesrevision">7baac10cdbb9096e675377d8adf21a09e2ffd2e8</param></service></servicedata>
\ No newline at end of file
+              <param name="changesrevision">428c7bf8566d1cdb9f5eafccde1a19a41aeab144</param></service></servicedata>
\ No newline at end of file
diff --git a/flatpak-1.2.0.tar.xz b/flatpak-1.2.0.tar.xz
deleted file mode 100644
index 4c339db..0000000
--- a/flatpak-1.2.0.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:6291e612f3e8bc10c896a4908d4817d34a43522d39380645a215b3a2f798f39d
-size 795844
diff --git a/flatpak-1.2.3.tar.xz b/flatpak-1.2.3.tar.xz
new file mode 100644
index 0000000..672b008
--- /dev/null
+++ b/flatpak-1.2.3.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:50201d99a77bb1968971ee96bf543b656d50024fad6d9251070b47316cfae2f0
+size 799440
diff --git a/flatpak.changes b/flatpak.changes
index 6ffd8fe..f59895a 100644
--- a/flatpak.changes
+++ b/flatpak.changes
@@ -1,3 +1,33 @@
+-------------------------------------------------------------------
+Wed Feb 13 08:06:06 UTC 2019 - alarrosa@suse.com
+
+- Update to version 1.2.3:
+  + Don't expose /proc in apply_extra script sandbox. The CVE-2019-5736
+    runc vulnerability is about using /proc/self/exe to modify the host
+    side binary from the sandbox. This mostly does not affect flatpak
+    since the flatpak sandbox is not run with root permissions.
+    However, there is one case (running the apply_extra script for
+    system installs) where this happens, so this release contains a fix
+    for that.
+- Update to version 1.2.2:
+  + Reverted green checkbox as they caused table alignment issues
+  + Fix a division by zero if the terminal reports a zero terminal
+    width (which happens in the flathub build environment).
+- Update to version 1.2.1:
+  + Ensure flatpak builds with older versions of glib and
+    appstream-glib.
+  + build-commit-from: Fix the new --extra-id option.
+  + build-export: Allow disabling the sandboxing of the icon validator
+    and do so during the tests.
+  + profile: Don't break if debug logging is enabled.
+  + Better handling of the appdata release attribute.
+  + Don't install polkit agent when not needed, avoiding some
+    unnecessary log lines in some cases.
+  + Fix the output of the sandboxed icon validator not being visible.
+  + builld-init: Allow specifying a full ref for the sdk, which is
+    used to select the branch name when checking sdk extensions.
+  + Make the ok checks in the output green
+
 -------------------------------------------------------------------
 Mon Jan 28 20:58:56 UTC 2019 - bjorn.lie@gmail.com
 
diff --git a/flatpak.spec b/flatpak.spec
index 7662030..d954057 100644
--- a/flatpak.spec
+++ b/flatpak.spec
@@ -18,7 +18,7 @@
 
 %define libname libflatpak0
 Name:           flatpak
-Version:        1.2.0
+Version:        1.2.3
 Release:        0
 Summary:        OSTree based application bundles management
 License:        LGPL-2.1-or-later