diff --git a/id3_ucs4_length-sanity-check.patch b/id3_ucs4_length-sanity-check.patch
deleted file mode 100644
index d2b5bda..0000000
--- a/id3_ucs4_length-sanity-check.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff -rup libid3tag-0.16.1.orig/ucs4.c libid3tag-0.16.1/ucs4.c
---- libid3tag-0.16.1.orig/ucs4.c	2021-08-15 22:52:07.000000000 +0200
-+++ libid3tag-0.16.1/ucs4.c	2022-04-08 09:47:54.980481313 +0200
-@@ -39,6 +39,9 @@ id3_length_t id3_ucs4_length(id3_ucs4_t
- {
-   id3_ucs4_t const *ptr = ucs4;
- 
-+  if (! ucs4)
-+    return 0;
-+
-   while (*ptr)
-     ++ptr;
- 
diff --git a/libid3tag-0.16.1.tar.gz b/libid3tag-0.16.1.tar.gz
deleted file mode 100644
index 90cf079..0000000
--- a/libid3tag-0.16.1.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:185a6cec84644cf1aade8397dcf76753bcb3bd85ec2111a9e1079214ed85bef0
-size 98074
diff --git a/libid3tag-0.16.2.tar.gz b/libid3tag-0.16.2.tar.gz
new file mode 100644
index 0000000..8021648
--- /dev/null
+++ b/libid3tag-0.16.2.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:96198b7c8803bcda44e299615e1929a85bd5a5da02e67ebc442735bc50018190
+size 53065
diff --git a/libid3tag.changes b/libid3tag.changes
index 8d8796a..a5314ed 100644
--- a/libid3tag.changes
+++ b/libid3tag.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon May  9 17:01:41 UTC 2022 - Christophe Giboudeaux <christophe@krop.fr>
+
+- Update to 0.16.2
+  * Fix null pointer dereference in id3_ucs4_length
+    (boo#1081962, CVE-2017-11550)
+- Drop id3_ucs4_length-sanity-check.patch. Merged upstream.
+
 -------------------------------------------------------------------
 Fri Apr  8 13:46:43 UTC 2022 - Manfred Hollstein <manfred.h@gmx.net>
 
diff --git a/libid3tag.spec b/libid3tag.spec
index 9f21b30..3843b3f 100644
--- a/libid3tag.spec
+++ b/libid3tag.spec
@@ -16,9 +16,9 @@
 #
 
 
-%define lver 0_16_1
+%define lver 0_16_2
 Name:           libid3tag
-Version:        0.16.1
+Version:        0.16.2
 Release:        0
 Summary:        ID3 Tag Manipulation Library
 License:        GPL-2.0-or-later
@@ -26,11 +26,10 @@ Group:          Development/Libraries/C and C++
 URL:            https://github.com/tenacityteam/libid3tag
 Source0:        %{url}/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz
 Source1:        baselibs.conf
-Patch0:         id3_ucs4_length-sanity-check.patch
 BuildRequires:  c++_compiler
 BuildRequires:  cmake
 BuildRequires:  gperf
-BuildRequires:  pkg-config
+BuildRequires:  pkgconfig
 BuildRequires:  pkgconfig(zlib)
 
 %description
@@ -56,7 +55,6 @@ develop applications with libid3tag.
 
 %prep
 %setup -q
-%patch0 -p1
 
 %build
 %cmake