diff --git a/sssd-1.5.5.tar.bz2 b/sssd-1.5.5.tar.bz2
deleted file mode 100644
index c3eb4ea..0000000
--- a/sssd-1.5.5.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8c55e2676839d8991a6287038c63deccf95123562842958df99011c30bd05408
-size 1292470
diff --git a/sssd-1.5.7.tar.bz2 b/sssd-1.5.7.tar.bz2
new file mode 100644
index 0000000..50626c1
--- /dev/null
+++ b/sssd-1.5.7.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9f5170467fe38b6bdeb40a3a27f40577c624c17c93c5b659f1018256b545781b
+size 1340038
diff --git a/sssd.changes b/sssd.changes
index 2158f93..552e75c 100644
--- a/sssd.changes
+++ b/sssd.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Wed May  4 09:22:20 UTC 2011 - rhafer@suse.de
+
+- Update to 1.5.7
+  * A flaw was found in the handling of cached passwords when
+    kerberos renewal tickets is enabled.  Due to a bug, the cached
+    password was overwritten with a (moderately) predictable
+    filename, which could allow a user to authenticate as someone
+    else if they knew the name of the cache file (bnc#691135,
+    CVE-2011-1758)
+- Changes in 1.5.6:
+  * Fixed a serious memory leak in the memberOf plugin
+  * Fixed a regression with the negative cache that caused it to be
+    essentially nonfunctional
+  * Fixed an issue where the user's full name would sometimes be
+    removed from the cache
+  * Fixed an issue with password changes in the kerberos provider
+    not working with kpasswd
+
 -------------------------------------------------------------------
 Thu Apr 14 11:31:38 UTC 2011 - rhafer@suse.de
 
diff --git a/sssd.spec b/sssd.spec
index e1eba1f..66652c7 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -18,7 +18,7 @@
 
 
 Name:           sssd
-Version:        1.5.5
+Version:        1.5.7
 Release:        1
 Group:          System/Daemons
 Summary:        System Security Services Daemon