diff --git a/CVE-2024-1454.patch b/CVE-2024-1454.patch
deleted file mode 100644
index 7f8ff1a..0000000
--- a/CVE-2024-1454.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 5835f0d4f6c033bd58806d33fa546908d39825c9 Mon Sep 17 00:00:00 2001
-From: Jakub Jelen
-Date: Mon, 18 Dec 2023 11:09:50 +0100
-Subject: [PATCH] authentic: Avoid use after free
-
-Thanks oss-fuzz
-
-https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64898
----
- src/pkcs15init/pkcs15-authentic.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/pkcs15init/pkcs15-authentic.c b/src/pkcs15init/pkcs15-authentic.c
-index a6d8b8ffad..798bc44138 100644
---- a/src/pkcs15init/pkcs15-authentic.c
-+++ b/src/pkcs15init/pkcs15-authentic.c
-@@ -868,7 +868,7 @@ authentic_emu_update_tokeninfo(struct sc_profile *profile, struct sc_pkcs15_card
- rv = sc_select_file(p15card->card, &path, &file);
- if (!rv) {
- rv = sc_get_challenge(p15card->card, buffer, sizeof(buffer));
-- if (!rv) {
-+ if (rv < 0) {
- sc_file_free(file);
- LOG_TEST_RET(ctx, rv, "Get challenge error");
- }
diff --git a/opensc-0.24.0.tar.gz b/opensc-0.24.0.tar.gz
deleted file mode 100644
index fbf732a..0000000
--- a/opensc-0.24.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:24d03c69287291da32a30c4c38a304ad827f56cb85d83619e1f5403ab6480ef8
-size 2440952
diff --git a/opensc-0.25.0.tar.gz b/opensc-0.25.0.tar.gz
new file mode 100644
index 0000000..d51ad76
--- /dev/null
+++ b/opensc-0.25.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e6d7b66e2a508a377ac9d67aa463025d3c54277227be10bd08872e3407d6622f
+size 2406137
diff --git a/opensc-docbook-xsl-fix.patch b/opensc-docbook-xsl-fix.patch
new file mode 100644
index 0000000..e6d4f7c
--- /dev/null
+++ b/opensc-docbook-xsl-fix.patch
@@ -0,0 +1,13 @@
+diff --git a/doc/html.xsl b/doc/html.xsl
+index 665d45f..734fa98 100644
+--- a/doc/html.xsl
++++ b/doc/html.xsl
+@@ -3,7 +3,7 @@
+
+ ]>
+
+-
++
+
+
+
diff --git a/opensc.changes b/opensc.changes
index 84be1ab..26c42b3 100644
--- a/opensc.changes
+++ b/opensc.changes
@@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Sat Mar 9 12:06:03 UTC 2024 - Martin Hauke
+
+- Update to version 0.25.0
+ Security
+ * CVE-2023-5992: Fix Side-channel leaks while stripping
+ encryption PKCS#1.5 padding in OpenSC.
+ * CVE-2024-1454: Fix Potential use-after-free in AuthentIC driver
+ during card enrollment in pkcs15init.
+ General improvements
+ * Remove support for old card drivers Akis, GPK, Incrypto34 and
+ Westcos, disable Cyberflex driver.
+ * Fix 64b to 32b conversions.
+ * Improvements for the p11test.
+ * Fix reader initialization without SCardControl.
+ * Make RSA PKCS#1 v1.5 depadding constant-time.
+ * Add option for disabling PKCS#1 v1.5 depadding (type 01 and 02)
+ on the card.
+ * Fixed various issues reported by OSS-Fuzz and Coverity in
+ drivers, PKCS#11 and PKCS#15 layer.
+- Add patch:
+ * opensc-docbook-xsl-fix.patch
+- Drop not longer needed patches:
+ * CVE-2024-1454.patch
+- Introduce subpackage for bash-completion
+
 -------------------------------------------------------------------
 Sun Feb 25 20:35:05 UTC 2024 - Martin Schreiner
diff --git a/opensc.spec b/opensc.spec
index f7c4320..48814a8 100644
--- a/opensc.spec
+++ b/opensc.spec
@@ -18,7 +18,7 @@
 %define completionsdir %(pkg-config --variable completionsdir bash-completion)
 Name: opensc
-Version: 0.24.0
+Version: 0.25.0
 Release: 0
 Summary: Smart Card Utilities
 License: LGPL-2.1-or-later
@@ -31,8 +31,8 @@ Source2: %{name}-rpmlintrc
 # https://web.archive.org/web/20111225073733/http://www.opensc-project.org/opensc/ticket/390
 Source3: opensc.module
 Patch0: opensc-gcc11.patch
-# PATCH-FIX-UPSTREAM martin.schreiner@suse.com CVE-2024-1454 bsc#1219868
-Patch1: CVE-2024-1454.patch
+Patch1: opensc-docbook-xsl-fix.patch
+BuildRequires: automake
 BuildRequires: docbook-xsl-stylesheets
 BuildRequires: libxslt
 BuildRequires: pkgconfig
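Review bot: The new `Patch1: opensc-docbook-xsl-fix.patch` line in the `@@ -31,8 +31,8 @@` hunk has no provenance comment, whereas the `Patch1` it replaces carried `# PATCH-FIX-UPSTREAM ... CVE-2024-1454 bsc#1219868`. The patch file added in this commit also starts directly at `diff --git a/doc/html.xsl` with no description, so nothing visible here records where the stylesheet change came from or why the build needs it. I would put a tag line above it in the same form as the removed one, for example `# PATCH-FIX-UPSTREAM <author> <upstream commit or issue reference> -- <what the html.xsl change fixes>` (or `PATCH-FIX-OPENSUSE` if it is distribution-only), and add a short header to the patch file. The added `BuildRequires: automake` is likewise not explained in the changelog entry.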
@@ -60,8 +60,20 @@ also card version, card OS version and preloaded applet. Only subset of possible operations may be supported for your card. Card initialization may require third party proprietary software. +%package bash-completion +Summary: Bash Completion for %{name} +Group: Productivity/Security +Requires: %{name} = %{version} +Requires: bash-completion +Supplements: (%{name} and bash-completion) +BuildArch: noarch + +%description bash-completion +Bash completion script for %{name}. + %prep -%autosetup -p1 +%setup -q +%autopatch -p1 %build %configure \ @@ -101,6 +113,8 @@ install -D -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/pkcs11/modules/opensc.mo %config %{_sysconfdir}/pkcs11/modules/ # This is a private library. There is no reason to split it to libopensc* package. %{_libdir}/libopensc.so.* + +%files bash-completion %{completionsdir}/* %changelog
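Review bot: In the `@@ -101,6 +113,8 @@` hunk, the only entry in the new `%files bash-completion` list is `%{completionsdir}/*`, which fails open if the macro expands to nothing. `completionsdir` is defined at the top of the spec as `%(pkg-config --variable completionsdir bash-completion)`, which is evaluated when the spec is parsed. If that query prints nothing in the build environment, the entry would become `/*` and the noarch subpackage would claim the rest of the buildroot. Whether a build dependency providing the bash-completion pkg-config file is declared is not visible in these hunks, so please confirm it. Independently of that, a fallback next to the definition would make the list fail safe: `%if "%{completionsdir}" == ""`, `%global completionsdir %{_datadir}/bash-completion/completions`, `%endif`. The `%files` section and the `%define` both start outside this hunk.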