diff --git a/bleach-2.1.2.tar.gz b/bleach-2.1.2.tar.gz
deleted file mode 100644
index e5726f0..0000000
--- a/bleach-2.1.2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:38fc8cbebea4e787d8db55d6f324820c7f74362b70db9142c1ac7920452d1a19
-size 58954
diff --git a/bleach-2.1.3.tar.gz b/bleach-2.1.3.tar.gz
new file mode 100644
index 0000000..d3a43fc
--- /dev/null
+++ b/bleach-2.1.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:eb7386f632349d10d9ce9d4a838b134d4731571851149f9cc2c05a9a837a9a44
+size 60141
diff --git a/python-bleach.changes b/python-bleach.changes
index 5021ba4..e9e07b1 100644
--- a/python-bleach.changes
+++ b/python-bleach.changes
@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Tue Mar 20 08:38:36 UTC 2018 - kbabioch@suse.com
+
+- Update to version 2.1.3:
+ * Attributes that have URI values weren't properly sanitized if the
+ values contained character entities. Using character entities, it
+ was possible to construct a URI value with a scheme that was not
+ allowed that would slide through unsanitized.
+ (CVE-2018-7753 bnc#1085969)
+
 -------------------------------------------------------------------
 Thu Dec 7 16:50:14 UTC 2017 - arun@gmx.de
diff --git a/python-bleach.spec b/python-bleach.spec
index a2d42b7..ff7ea6a 100644
--- a/python-bleach.spec
+++ b/python-bleach.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package python-bleach
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 # Copyright (c) 2015 LISA GmbH, Bingen, Germany.
 #
 # All modifications and additions to the file contributed by third parties
@@ -19,7 +19,7 @@
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 Name: python-bleach
-Version: 2.1.2
+Version: 2.1.3
 Release: 0
 Summary: An easy whitelist-based HTML-sanitizing tool
 License: Apache-2.0