diff --git a/bleach-3.1.1.tar.gz b/bleach-3.1.1.tar.gz
deleted file mode 100644
index c29c119..0000000
--- a/bleach-3.1.1.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:aa8b870d0f46965bac2c073a93444636b0e1ca74e9777e34f03dd494b8a59d48
-size 174885
diff --git a/bleach-3.1.3.tar.gz b/bleach-3.1.3.tar.gz
new file mode 100644
index 0000000..3632e38
--- /dev/null
+++ b/bleach-3.1.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f8dfd8a7e26443e986c4e44df31870da8e906ea61096af06ba5d5cc2d519842a
+size 176601
diff --git a/de-vendor.patch b/de-vendor.patch
index e626c16..30f8afb 100644
--- a/de-vendor.patch
+++ b/de-vendor.patch
@@ -1,5 +1,5 @@ ---- bleach-3.1.0/bleach/html5lib_shim.py.orig 2019-03-03 16:10:33.148796311 +0700 -+++ bleach-3.1.0/bleach/html5lib_shim.py 2019-03-03 16:11:07.945088029 +0700 +--- bleach/html5lib_shim.py ++++ bleach/html5lib_shim.py @@ -11,23 +11,23 @@ import six
@@ -35,3 +35,14 @@ #: Map of entity name to expanded entity +--- tests/test_clean.py ++++ tests/test_clean.py +@@ -7,7 +7,7 @@ + from bleach import clean + from bleach.html5lib_shim import Filter + from bleach.sanitizer import Cleaner +-from bleach._vendor.html5lib.constants import rcdataElements ++from html5lib.constants import rcdataElements + + def test_clean_idempotent(): + """Make sure that applying the filter twice doesn't change anything."""
diff --git a/python-bleach.changes b/python-bleach.changes
index 86eb47e..844b9d2 100644
--- a/python-bleach.changes
+++ b/python-bleach.changes
@@ -1,3 +1,23 @@ +------------------------------------------------------------------- +Mon Mar 23 10:09:15 UTC 2020 - Dirk Mueller + +- update to 3.1.3 (bsc#1167379): + * Add relative link to code of conduct. (#442) + * Drop deprecated 'setup.py test' support. (#507) + * Fix typo: curren -> current in tests/test_clean.py (#504) + * Test on PyPy 7 + * Drop test support for end of life Python 3.4 + * ``bleach.clean`` behavior parsing embedded MathML and SVG content + with RCDATA tags did not match browser behavior and could result in + a mutation XSS. + Calls to ``bleach.clean`` with ``strip=False`` and ``math`` or + ``svg`` tags and one or more of the RCDATA tags ``script``, + ``noscript``, ``style``, ``noframes``, ``iframe``, ``noembed``, or + ``xmp`` in the allowed tags whitelist were vulnerable to a mutation + XSS. + This security issue was confirmed in Bleach version v3.1.1. Earlier + versions are likely affected too. + ------------------------------------------------------------------- Fri Feb 28 16:13:43 UTC 2020 - Alexandros Toptsoglou
diff --git a/python-bleach.spec b/python-bleach.spec
index b2526be..9e58fa1 100644
--- a/python-bleach.spec
+++ b/python-bleach.spec
@@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-bleach -Version: 3.1.1 +Version: 3.1.3 Release: 0 Summary: A whitelist-based HTML-sanitizing tool License: Apache-2.0
@@ -56,7 +56,7 @@ Documentation is at http://bleach.readthedocs.org/ . %prep %setup -q -n bleach-%{version} -%patch0 -p1 +%patch0 rm -rf bleach/_vendor %build
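Review bot: Nothing in the visible `%prep` hunk ties this security update to a known-good html5lib: `rm -rf bleach/_vendor` stays, and de-vendor.patch now also rewrites `tests/test_clean.py`, so the mutation-XSS fix described in python-bleach.changes is exercised against the distribution's html5lib rather than the copy upstream bundles. The `Requires`/`BuildRequires` lines and any `%check` section are outside these hunks, so it should be confirmed that a minimum version is enforced, e.g. `Requires: python-html5lib >= <version bundled by bleach 3.1.3>` (placeholder), and that the upstream RCDATA tests run during the build. Separately, the new `%patch0` relies on the default strip level matching the rewritten `--- bleach/html5lib_shim.py` headers; writing `%patch0 -p0` would make that coupling explicit. `%prep` continues past the end of the hunk.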