diff --git a/baselibs.conf b/baselibs.conf
index cc1cae8..2ced3af 100644
--- a/baselibs.conf
+++ b/baselibs.conf
@@ -1,3 +1,3 @@
-libnettle7
+libnettle8
 libnettle-devel
-libhogweed5
+libhogweed6
diff --git a/libnettle-rpmlintrc b/libnettle-rpmlintrc
new file mode 100644
index 0000000..147fe3a
--- /dev/null
+++ b/libnettle-rpmlintrc
@@ -0,0 +1,2 @@
+addFilter("libnettle.* hidden-file-or-dir .*hmac")
+addFilter("libhogweed.* hidden-file-or-dir .*hmac")
diff --git a/libnettle.changes b/libnettle.changes
index eb787ee..18ffa83 100644
--- a/libnettle.changes
+++ b/libnettle.changes
@@ -1,3 +1,28 @@
+-------------------------------------------------------------------
+Sun May 10 19:32:12 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- GNU Nettle 3.6:
+  * removal of internal and undocumented poly1305 functions
+  * Support for Curve448 and ED448 signatures
+  * Support for SHAKE256, SIV-CMAC, CMAC64, "CryptoPro" variant of
+    the GOST hash (as gosthash94cp), GOST DSA signatures, including
+    GOST curves gc256b and gc512a
+  * Support for Intel CET in x86 and x86_64 assembly files, if
+    enabled via CFLAGS (gcc --fcf-protection=full)
+  * A few new functions to improve support for the Chacha
+    variant with 96-bit nonce and 32-bit block counter (the
+    existing functions use nonce and counter of 64-bit each),
+    and functions to set the counter.
+  * New interface, struct nettle_mac, for MAC (message
+    authentication code) algorithms. This abstraction is only
+    for MACs that don't require a per-message nonce. For HMAC,
+    the key size is fixed, and equal the digest size of the
+    underlying hash function
+  * multiple bug fixes
+- drop nettle-respect-cflags.patch
+- silence packaging warning raised by HMAC files
+  (bsc#1152692, jsc#SLE-9518)
+
 -------------------------------------------------------------------
 Tue Oct  1 15:08:36 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
 
diff --git a/libnettle.spec b/libnettle.spec
index fef24ca..ee64711 100644
--- a/libnettle.spec
+++ b/libnettle.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package libnettle
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,10 +16,10 @@
 #
 
 
-%define soname 7
-%define hogweed_soname 5
+%define soname 8
+%define hogweed_soname 6
 Name:           libnettle
-Version:        3.5.1
+Version:        3.6
 Release:        0
 Summary:        Cryptographic Library
 License:        LGPL-2.1-or-later AND GPL-2.0-or-later
@@ -29,10 +29,9 @@ Source0:        https://www.lysator.liu.se/~nisse/archive/nettle-%{version}.tar.
 Source1:        https://www.lysator.liu.se/~nisse/archive/nettle-%{version}.tar.gz.sig
 Source2:        %{name}.keyring
 Source3:        baselibs.conf
-# PATCH-FIX-UPSTREAM respect cflags while building
-Patch0:         nettle-respect-cflags.patch
+Source4:        %{name}-rpmlintrc
 BuildRequires:  fipscheck
-BuildRequires:  gmp-devel
+BuildRequires:  gmp-devel >= 6.1.0
 BuildRequires:  m4
 BuildRequires:  makeinfo
 BuildRequires:  pkgconfig
@@ -94,14 +93,13 @@ operations using the nettle library.
 
 %prep
 %setup -q -n nettle-%{version}
-%patch0 -p1
 
 %build
 %configure \
     --disable-static \
     --enable-shared \
     --enable-fat
-make %{?_smp_mflags}
+%make_build
 
 %install
 %make_install
@@ -113,7 +111,7 @@ make %{?_smp_mflags}
 # invalidates a HMAC that may have been created earlier.
 # solution: create the hashes _after_ the macro runs.
 #
-# this shows up earlier because otherwise the %expand of
+# this shows up earlier because otherwise the %%expand of
 # the macro is too late.
 # remark: This is the same as running
 #   openssl dgst -sha256 -hmac 'orboDeJITITejsirpADONivirpUkvarP'
@@ -133,21 +131,23 @@ make %{?_smp_mflags}
 %install_info_delete --info-dir="%{_infodir}" "%{_infodir}"/nettle.info%{ext_info}
 
 %check
-make check %{?_smp_mflags}
+%make_build check
 
 %files -n libnettle%{soname}
 %license COPYING*
-%doc AUTHORS ChangeLog NEWS README
 %{_libdir}/libnettle.so.%{soname}
 %{_libdir}/libnettle.so.%{soname}.*
 %{_libdir}/.libnettle.so.%{soname}.hmac
 
 %files -n libhogweed%{hogweed_soname}
+%license COPYING*
 %{_libdir}/libhogweed.so.%{hogweed_soname}
 %{_libdir}/libhogweed.so.%{hogweed_soname}.*
 %{_libdir}/.libhogweed.so.%{hogweed_soname}.hmac
 
 %files -n libnettle-devel
+%license COPYING*
+%doc AUTHORS ChangeLog NEWS README
 %{_includedir}/nettle
 %{_libdir}/libnettle.so
 %{_libdir}/libhogweed.so
diff --git a/nettle-3.5.1.tar.gz b/nettle-3.5.1.tar.gz
deleted file mode 100644
index 7e09be8..0000000
--- a/nettle-3.5.1.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:75cca1998761b02e16f2db56da52992aef622bf55a3b45ec538bc2eedadc9419
-size 1989593
diff --git a/nettle-3.5.1.tar.gz.sig b/nettle-3.5.1.tar.gz.sig
deleted file mode 100644
index 72eca38..0000000
Binary files a/nettle-3.5.1.tar.gz.sig and /dev/null differ
diff --git a/nettle-3.6.tar.gz b/nettle-3.6.tar.gz
new file mode 100644
index 0000000..b19021d
--- /dev/null
+++ b/nettle-3.6.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d24c0d0f2abffbc8f4f34dcf114b0f131ec3774895f3555922fe2f40f3d5e3f1
+size 2288173
diff --git a/nettle-3.6.tar.gz.sig b/nettle-3.6.tar.gz.sig
new file mode 100644
index 0000000..a1c1113
Binary files /dev/null and b/nettle-3.6.tar.gz.sig differ
diff --git a/nettle-respect-cflags.patch b/nettle-respect-cflags.patch
deleted file mode 100644
index c4cc95a..0000000
--- a/nettle-respect-cflags.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-Index: nettle-3.5.1/Makefile.in
-===================================================================
---- nettle-3.5.1.orig/Makefile.in
-+++ nettle-3.5.1/Makefile.in
-@@ -290,27 +290,27 @@ $(LIBHOGWEED_FORLINK): $(hogweed_OBJS) $
- # executable. Avoid object file targets to make it easy to run the
- # right compiler.
- aesdata$(EXEEXT_FOR_BUILD): aesdata.c
--	$(CC_FOR_BUILD) `test -f aesdata.c || echo '$(srcdir)/'`aesdata.c \
-+	$(CC_FOR_BUILD) $(CFLAGS) `test -f aesdata.c || echo '$(srcdir)/'`aesdata.c \
- 	-o aesdata$(EXEEXT_FOR_BUILD)
- 
- desdata$(EXEEXT_FOR_BUILD): desdata.c
--	$(CC_FOR_BUILD) `test -f desdata.c || echo '$(srcdir)/'`desdata.c \
-+	$(CC_FOR_BUILD) $(CFLAGS) `test -f desdata.c || echo '$(srcdir)/'`desdata.c \
- 	-o desdata$(EXEEXT_FOR_BUILD)
- 
- twofishdata$(EXEEXT_FOR_BUILD): twofishdata.c
--	$(CC_FOR_BUILD) `test -f twofishdata.c || echo '$(srcdir)/'`twofishdata.c \
-+	$(CC_FOR_BUILD) $(CFLAGS) `test -f twofishdata.c || echo '$(srcdir)/'`twofishdata.c \
- 	-o twofishdata$(EXEEXT_FOR_BUILD)
- 
- shadata$(EXEEXT_FOR_BUILD): shadata.c
--	$(CC_FOR_BUILD) `test -f shadata.c || echo '$(srcdir)/'`shadata.c -lm \
-+	$(CC_FOR_BUILD) $(CFLAGS) `test -f shadata.c || echo '$(srcdir)/'`shadata.c -lm \
- 	-o shadata$(EXEEXT_FOR_BUILD)
- 
- gcmdata$(EXEEXT_FOR_BUILD): gcmdata.c
--	$(CC_FOR_BUILD) `test -f gcmdata.c || echo '$(srcdir)/'`gcmdata.c \
-+	$(CC_FOR_BUILD) $(CFLAGS) `test -f gcmdata.c || echo '$(srcdir)/'`gcmdata.c \
- 	-o gcmdata$(EXEEXT_FOR_BUILD)
- 
- eccdata$(EXEEXT_FOR_BUILD): eccdata.c mini-gmp.c mini-gmp.h
--	$(CC_FOR_BUILD) `test -f eccdata.c || echo '$(srcdir)/'`eccdata.c \
-+	$(CC_FOR_BUILD) $(CFLAGS) `test -f eccdata.c || echo '$(srcdir)/'`eccdata.c \
- 	-o eccdata$(EXEEXT_FOR_BUILD)
- 
- eccparams$(EXEEXT_FOR_BUILD): eccparams.c