diff --git a/bleach-3.1.3.tar.gz b/bleach-3.1.3.tar.gz deleted file mode 100644 index 3632e38..0000000 --- a/bleach-3.1.3.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f8dfd8a7e26443e986c4e44df31870da8e906ea61096af06ba5d5cc2d519842a -size 176601 diff --git a/bleach-3.1.4.tar.gz b/bleach-3.1.4.tar.gz new file mode 100644 index 0000000..ecfd2e1 --- /dev/null +++ b/bleach-3.1.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e78e426105ac07026ba098f04de8abe9b6e3e98b5befbf89b51a5ef0a4292b03 +size 177813 diff --git a/python-bleach.changes b/python-bleach.changes index 844b9d2..7406544 100644 --- a/python-bleach.changes +++ b/python-bleach.changes @@ -1,7 +1,19 @@ +------------------------------------------------------------------- +Wed Apr 1 11:18:24 UTC 2020 - Dirk Mueller + +- update to 3.1.4 (bsc#1168280, CVE-2020-6817): + * ``bleach.clean`` behavior parsing style attributes could result in a + regular expression denial of service (ReDoS). + Calls to ``bleach.clean`` with an allowed tag with an allowed + ``style`` attribute were vulnerable to ReDoS. For example, + ``bleach.clean(..., attributes={'a': ['style']})``. + * Style attributes with dashes, or single or double quoted values are + cleaned instead of passed through. + ------------------------------------------------------------------- Mon Mar 23 10:09:15 UTC 2020 - Dirk Mueller -- update to 3.1.3 (bsc#1167379): +- update to 3.1.3 (bsc#1167379, CVE-2020-6816): * Add relative link to code of conduct. (#442) * Drop deprecated 'setup.py test' support. (#507) * Fix typo: curren -> current in tests/test_clean.py (#504) 
@@ -15,8 +27,6 @@ Mon Mar 23 10:09:15 UTC 2020 - Dirk Mueller ``noscript``, ``style``, ``noframes``, ``iframe``, ``noembed``, or ``xmp`` in the allowed tags whitelist were vulnerable to a mutation XSS. - This security issue was confirmed in Bleach version v3.1.1. Earlier - versions are likely affected too. ------------------------------------------------------------------- Fri Feb 28 16:13:43 UTC 2020 - Alexandros Toptsoglou diff --git a/python-bleach.spec b/python-bleach.spec index 9e58fa1..bc80249 100644 --- a/python-bleach.spec +++ b/python-bleach.spec @@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-bleach -Version: 3.1.3 +Version: 3.1.4 Release: 0 Summary: A whitelist-based HTML-sanitizing tool License: Apache-2.0
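Review bot: In the two Git LFS pointer hunks (bleach-3.1.3.tar.gz deleted, bleach-3.1.4.tar.gz added), the only provenance for the new tarball is the LFS `oid sha256:` line; nothing in the commit or the `python-bleach.changes` entry records that this hash was compared against the checksum or signature upstream publishes for the 3.1.4 release. For a security update that carries a CVE, please state in the changelog entry (or the commit message) how the source was verified, so a later reviewer can audit the supply-chain step without re-downloading the archive.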
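Review bot: In the first `python-bleach.changes` hunk (`@@ -1,7 +1,19 @@`), the already-released 3.1.3 entry is edited in place (`-- update to 3.1.3 (bsc#1167379):` becomes `+- update to 3.1.3 (bsc#1167379, CVE-2020-6816):`). Published changelog entries are normally left untouched; the CVE assignment for the earlier fix would be better recorded in the new 3.1.4 entry, e.g. a line such as `* The mutation XSS fix shipped in 3.1.3 (bsc#1167379) is now tracked as CVE-2020-6816.`, so the history of what each update shipped with stays intact.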
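Review bot: In the second `python-bleach.changes` hunk (`@@ -15,8 +27,6 @@`), two lines are deleted from the historical 3.1.3 entry: `This security issue was confirmed in Bleach version v3.1.1. Earlier versions are likely affected too.` That statement is the only affected-version information the changelog gives for the mutation XSS, and removing it from an entry that has already shipped loses it for anyone auditing which package versions were exposed. Please keep the lines; if the wording is wrong, correct it in the new 3.1.4 entry rather than deleting it.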