diff --git a/frr-10.0.2.tar.gz b/frr-10.0.2.tar.gz
deleted file mode 100644
index d093816..0000000
--- a/frr-10.0.2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f8cac2f3c9184d2392d1cd6fd9ea08c1e838d3b1fa633ea8845f01ed0fac50b3
-size 10968487
diff --git a/frr-10.2.1.tar.gz b/frr-10.2.1.tar.gz
new file mode 100644
index 0000000..92ab182
--- /dev/null
+++ b/frr-10.2.1.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6cbf142d0b12fb8679f5dc95f7638ba6faf848a44f38fd45bf9caeee8c12097c
+size 11178677
diff --git a/frr.changes b/frr.changes
index 6cde8bf..4a4e8de 100644
--- a/frr.changes
+++ b/frr.changes
@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Thu Jan  9 11:04:40 UTC 2025 - Marius Tomaschewski <mt@suse.com>
+
+- Update to frr 10.2.1 release providing fix for a Denial of Service
+  scenario due to RIB revalidation (CVE-2024-55553,bsc#1235237) and
+  other fixes, see https://frrouting.org/release/10.2.1/
+  The 10.2 version provides new features and many enhancements, see
+  https://frrouting.org/release/10.2/
+- Add new fpm_listener daemon binary to rpm file lists.
+- Remove --localstatedir configure parameter causing to use /run/lib
+  instead of /var/lib prefix for the northbound databases and added
+  the /var/lib/frr directory to the rpm file list.
+- Adjust to set permissions in rpm attr macros (rpmlint suggestion)
+  and use frr_group instead of frr_user in group parameter.
+
 -------------------------------------------------------------------
 Mon Sep 30 09:49:59 UTC 2024 - Marius Tomaschewski <mt@suse.com>
 
diff --git a/frr.spec b/frr.spec
index b26caaf..4c73805 100644
--- a/frr.spec
+++ b/frr.spec
@@ -25,12 +25,14 @@
 %define frr_user frr
 %define frr_group frr
 %define frrvty_group frrvty
+# see configure: frr_libstatedir=/var/lib/frr
 %define frr_home %{_localstatedir}/lib/%{name}
+# see configure: frr_runstatedir=[/var]/run/frr
 %define frr_statedir %{_rundir}/%{name}
 %define frr_daemondir %{_prefix}/lib/frr
 
 Name:           frr
-Version:        10.0.2
+Version:        10.2.1
 Release:        0
 Summary:        The FRRouting Protocol Suite
 License:        GPL-2.0-or-later AND LGPL-2.1-or-later
@@ -207,7 +209,6 @@ autoreconf -fiv
 %configure \
     --disable-silent-rules \
     --sysconfdir=%{_sysconfdir}\
-    --localstatedir=%{_rundir} \
     --sbindir=%{frr_daemondir} \
     --with-moduledir=%{_libdir}/frr/modules \
     --disable-static \
@@ -298,7 +299,8 @@ install -D -m 0644 redhat/frr.logrotate %{buildroot}%{_distconfdir}/logrotate.d/
 install -D -m 0644 redhat/frr.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/frr
 %endif
 
-install -d -m 0750 %{buildroot}%{rundir}
+install -d -m 0750 %{buildroot}%{frr_home}
+install -d -m 0751 %{buildroot}%{frr_statedir}
 install -d -m 0750 %{buildroot}%{_localstatedir}/log/frr
 install -D -m 0644 %{SOURCE1} %{buildroot}/%{_tmpfilesdir}/%{name}.conf
 sed -e "s|@frr_statedir@|%{frr_statedir}|g" -i %{buildroot}/%{_tmpfilesdir}/%{name}.conf
@@ -387,10 +389,10 @@ done
 %license COPYING
 %doc README.md
 %doc doc/mpls
-%dir %attr(750,%{frr_user},%{frr_user}) %{_sysconfdir}/%{name}
-%config(noreplace) %attr(640,%{frr_user},%{frr_group}) %{_sysconfdir}/%{name}/[!v]*.conf*
-%config(noreplace) %attr(640,%{frr_user},%{frrvty_group}) %{_sysconfdir}/%{name}/vtysh.conf
-%config(noreplace) %%attr(640,%{frr_user},%{frr_group}) %{_sysconfdir}/%{name}/daemons
+%dir %attr(0750,%{frr_user},%{frr_group}) %{_sysconfdir}/%{name}
+%config(noreplace) %attr(0640,%{frr_user},%{frr_group}) %{_sysconfdir}/%{name}/[!v]*.conf*
+%config(noreplace) %attr(0640,%{frr_user},%{frrvty_group}) %{_sysconfdir}/%{name}/vtysh.conf
+%config(noreplace) %attr(0640,%{frr_user},%{frr_group}) %{_sysconfdir}/%{name}/daemons
 %if 0%{?suse_version} > 1500
 %{_pam_vendordir}/frr
 %else
@@ -407,9 +409,10 @@ done
 %{_unitdir}/%{name}.service
 %dir %{_tmpfilesdir}
 %{_tmpfilesdir}/%{name}.conf
-%dir %attr(-,%{frr_user},%{frr_group}) %{_localstatedir}/log/frr
-%dir %attr(-,%{frr_user},%{frr_group}) %ghost %{frr_statedir}
+%dir %attr(0750,%{frr_user},%{frr_group}) %{_localstatedir}/log/frr
+%dir %attr(0751,%{frr_user},%{frr_group}) %ghost %{frr_statedir}
 %{_sbindir}/rc%{name}
+%dir %attr(0750,%{frr_user},%{frr_group}) %{frr_home}
 %dir %{_prefix}/lib/frr
 %{_prefix}/lib/frr/fabricd
 %{_prefix}/lib/frr/vrrpd
@@ -444,6 +447,7 @@ done
 %{frr_daemondir}/watchfrr
 %{frr_daemondir}/watchfrr.sh
 %{frr_daemondir}/zebra
+%{frr_daemondir}/fpm_listener
 %dir %{_libdir}/frr
 %dir %{_libdir}/frr/modules
 %{_libdir}/frr/modules/zebra_cumulus_mlag.so