diff --git a/iperf-3.17.1.tar.gz b/iperf-3.17.1.tar.gz
deleted file mode 100644
index 0bc6852..0000000
--- a/iperf-3.17.1.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:84404ca8431b595e86c473d8f23d8bb102810001f15feaf610effd3b318788aa
-size 670547
diff --git a/iperf-3.17.1.tar.gz.sha256 b/iperf-3.17.1.tar.gz.sha256
deleted file mode 100644
index 22c5d6e..0000000
--- a/iperf-3.17.1.tar.gz.sha256
+++ /dev/null
@@ -1 +0,0 @@
-84404ca8431b595e86c473d8f23d8bb102810001f15feaf610effd3b318788aa  iperf-3.17.1.tar.gz
diff --git a/iperf-3.18.tar.gz b/iperf-3.18.tar.gz
new file mode 100644
index 0000000..70561a5
--- /dev/null
+++ b/iperf-3.18.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c0618175514331e766522500e20c94bfb293b4424eb27d7207fb427b88d20bab
+size 688037
diff --git a/iperf-3.18.tar.gz.sha256 b/iperf-3.18.tar.gz.sha256
new file mode 100644
index 0000000..812669c
--- /dev/null
+++ b/iperf-3.18.tar.gz.sha256
@@ -0,0 +1 @@
+c0618175514331e766522500e20c94bfb293b4424eb27d7207fb427b88d20bab  iperf-3.18.tar.gz
diff --git a/iperf.changes b/iperf.changes
index 1e9ea47..9065411 100644
--- a/iperf.changes
+++ b/iperf.changes
@@ -1,3 +1,36 @@
+-------------------------------------------------------------------
+Mon Jan 27 17:55:30 UTC 2025 - Dirk Müller <dmueller@suse.com>
+
+- update to 3.18 (bsc#1234705, CVE-2024-53580):
+  * SECURITY NOTE: Thanks to Leonid Krolle Bi.Zone for
+    discovering a JSON type security vulnerability that caused a
+    segmentation fault in the server. (CVE-2024-53580)
+    This has now been fixed. (PR#1810)
+  * UDP packets per second now reports the correct number of
+    packets, by reporting NET_SOFTERROR if there's a EAGAIN/EINTR
+    errno if no data was sent (#1367/PR#1379).
+  * Several segmentation faults related to threading were fixed.
+    One where `pthread_cancel` was called on an improperly
+    initialized thread (#1801), another where threads were being
+    recycled (#1760/PR#1761), and another where threads were
+    improperly handling signals (#1750/PR#1752).
+  * A segmentation fault from calling `freeaddrinfo` with `NULL`
+    was fixed (PR#1755).
+  * Some JSON options were fixed, including checking the size for
+    `json_read` (PR#1709), but the size limit was removed for
+    received server output (PR#1779).
+  * A rcv-timeout error has been fixed. The Nread timeout was
+    hardcoded and timed out before the `--rcv-timeout` option
+  * There is no longer a limit on the omit time period
+  * Fixed an output crash under 32-bit big-endian systems
+  * An issue was fixed where CPU utilization was unexpectedly
+    high during limited baud rate tests. The `--pacing-timer`
+    option was removed, but it is still available in the library
+  * Add SCTP information to `--json` output and fixed compile
+    error when SCTP is not supported (#1731).
+  * `--fq-rate` was changed from a uint to a uint64 to allow
+    pacing above 32G.  Not yet tested on big-endian systems
+
 -------------------------------------------------------------------
 Fri Nov 15 14:49:57 UTC 2024 - Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
 
diff --git a/iperf.spec b/iperf.spec
index 032461a..86e0ac8 100644
--- a/iperf.spec
+++ b/iperf.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package iperf
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,14 +18,14 @@
 
 %define soname  0
 Name:           iperf
-Version:        3.17.1
+Version:        3.18
 Release:        0
 Summary:        A tool to measure network performance
 License:        BSD-3-Clause
 Group:          Productivity/Networking/Diagnostic
-URL:            https://software.es.net/iperf/
-Source:         https://downloads.es.net/pub/iperf/iperf-%{version}.tar.gz
-Source1:        https://downloads.es.net/pub/iperf/iperf-%{version}.tar.gz.sha256
+URL:            https://github.com/esnet/iperf
+Source:         https://github.com/esnet/iperf/releases/download/%{version}/iperf-%{version}.tar.gz
+Source1:        https://github.com/esnet/iperf/releases/download/%{version}/iperf-%{version}.tar.gz.sha256
 Requires:       lib%{name}%{soname} = %{version}-%{release}
 %if %{?sles_version} && %{?sles_version} <= 11
 BuildRequires:  libuuid-devel