diff --git a/tcpdump-4.9.2.tar.gz b/tcpdump-4.9.2.tar.gz
deleted file mode 100644
index c8a88b7..0000000
--- a/tcpdump-4.9.2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:798b3536a29832ce0cbb07fafb1ce5097c95e308a6f592d14052e1ef1505fe79
-size 2298386
diff --git a/tcpdump-4.9.2.tar.gz.sig b/tcpdump-4.9.2.tar.gz.sig
deleted file mode 100644
index b7d93ea..0000000
Binary files a/tcpdump-4.9.2.tar.gz.sig and /dev/null differ
diff --git a/tcpdump-4.9.3.tar.gz b/tcpdump-4.9.3.tar.gz
new file mode 100644
index 0000000..544e0d8
--- /dev/null
+++ b/tcpdump-4.9.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2cd47cb3d460b6ff75f4a9940f594317ad456cfbf2bd2c8e5151e16559db6410
+size 2333119
diff --git a/tcpdump-4.9.3.tar.gz.sig b/tcpdump-4.9.3.tar.gz.sig
new file mode 100644
index 0000000..0d93562
Binary files /dev/null and b/tcpdump-4.9.3.tar.gz.sig differ
diff --git a/tcpdump-CVE-2017-16808.patch b/tcpdump-CVE-2017-16808.patch
deleted file mode 100644
index cf5dd94..0000000
--- a/tcpdump-CVE-2017-16808.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 28f610026d901660dd370862b62ec328727446a2 Mon Sep 17 00:00:00 2001
-From: Denis Ovsienko <denis@ovsienko.info>
-Date: Thu, 31 Aug 2017 21:15:37 +0100
-Subject: [PATCH] CVE-2017-16808/AoE: Add a missing bounds check.
-
-In aoev1_reserve_print() check bounds before trying to print an Ethernet
-address.
-
-This fixes a buffer over-read discovered by Bhargava Shastry,
-SecT/TU Berlin.
----
- print-aoe.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/print-aoe.c b/print-aoe.c
-index 97e93df2e..2c78a55d3 100644
---- a/print-aoe.c
-+++ b/print-aoe.c
-@@ -325,6 +325,7 @@ aoev1_reserve_print(netdissect_options *ndo,
- 		goto invalid;
- 	/* addresses */
- 	for (i = 0; i < nmacs; i++) {
-+		ND_TCHECK2(*cp, ETHER_ADDR_LEN);
- 		ND_PRINT((ndo, "\n\tEthernet Address %u: %s", i, etheraddr_string(ndo, cp)));
- 		cp += ETHER_ADDR_LEN;
- 	}
diff --git a/tcpdump-CVE-2019-1010220.patch b/tcpdump-CVE-2019-1010220.patch
deleted file mode 100644
index 2d69aef..0000000
--- a/tcpdump-CVE-2019-1010220.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 511915bef7e4de2f31b8d9f581b4a44b0cfbcf53 Mon Sep 17 00:00:00 2001
-From: Guy Harris <guy@alum.mit.edu>
-Date: Sat, 1 Jun 2019 14:42:09 -0700
-Subject: [PATCH] If decode_prefix6() returns a negative number, don't print
- buf.
-
-If it returns a negative number, it hasn't necessarily filled in buf, so
-just return immediately; this is similar to the IPv4 code path, wherein
-we just return a negative number, and print nothing, on an error.
-
-This should fix GitHub issue #763.
----
- print-hncp.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-Index: tcpdump-4.9.2/print-hncp.c
-===================================================================
---- tcpdump-4.9.2.orig/print-hncp.c
-+++ tcpdump-4.9.2/print-hncp.c
-@@ -231,6 +231,8 @@ print_prefix(netdissect_options *ndo, co
-         plenbytes += 1 + IPV4_MAPPED_HEADING_LEN;
-     } else {
-         plenbytes = decode_prefix6(ndo, prefix, max_length, buf, sizeof(buf));
-+        if (plenbytes < 0)
-+            return plenbytes;
-     }
- 
-     ND_PRINT((ndo, "%s", buf));
diff --git a/tcpdump-ikev2pI2.patch b/tcpdump-ikev2pI2.patch
deleted file mode 100644
index 5f8822b..0000000
--- a/tcpdump-ikev2pI2.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Index: tcpdump-4.9.2/tests/crypto.sh
-===================================================================
---- tcpdump-4.9.2.orig/tests/crypto.sh
-+++ tcpdump-4.9.2/tests/crypto.sh
-@@ -72,15 +72,6 @@ then
- 			echo $failed >.failed
- 			exitcode=1
- 		fi
--		if ./TESTonce ikev2pI2 ikev2pI2.pcap ikev2pI2.out '-E "file ikev2pI2-secrets.txt" -v -v -v -v'
--		then
--			passed=`expr $passed + 1`
--			echo $passed >.passed
--		else
--			failed=`expr $failed + 1`
--			echo $failed >.failed
--			exitcode=1
--		fi
- 		if ./TESTonce isakmp4 isakmp4500.pcap isakmp4.out '-E "file esp-secrets.txt"'
- 		then
- 			passed=`expr $passed + 1`
diff --git a/tcpdump.changes b/tcpdump.changes
index 629b2cc..93f29f1 100644
--- a/tcpdump.changes
+++ b/tcpdump.changes
@@ -1,3 +1,41 @@
+-------------------------------------------------------------------
+Wed Oct  2 14:01:31 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
+
+- Update to 4.9.3
+  * Fix buffer overflow/overread vulnerabilities:
+    - CVE-2017-16808 (AoE)
+    - CVE-2018-14468 (FrameRelay)
+    - CVE-2018-14469 (IKEv1)
+    - CVE-2018-14470 (BABEL)
+    - CVE-2018-14466 (AFS/RX)
+    - CVE-2018-14461 (LDP)
+    - CVE-2018-14462 (ICMP)
+    - CVE-2018-14465 (RSVP)
+    - CVE-2018-14881 (BGP)
+    - CVE-2018-14464 (LMP)
+    - CVE-2018-14463 (VRRP)
+    - CVE-2018-14467 (BGP)
+    - CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
+    - CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
+    - CVE-2018-14880 (OSPF6)
+    - CVE-2018-16451 (SMB)
+    - CVE-2018-14882 (RPL)
+    - CVE-2018-16227 (802.11)
+    - CVE-2018-16229 (DCCP)
+    - CVE-2018-16301 (was fixed in libpcap)
+    - CVE-2018-16230 (BGP)
+    - CVE-2018-16452 (SMB)
+    - CVE-2018-16300 (BGP)
+    - CVE-2018-16228 (HNCP)
+    - CVE-2019-15166 (LMP)
+    - CVE-2019-15167 (VRRP)
+  * Fix for cmdline argument/local issues:
+    - CVE-2018-14879 (tcpdump -V)
+- Drop patches fixed upstream:
+  * tcpdump-CVE-2017-16808.patch
+  * tcpdump-CVE-2019-1010220.patch
+  * tcpdump-ikev2pI2.patch
+
 -------------------------------------------------------------------
 Tue Jul 23 11:45:46 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
 
diff --git a/tcpdump.spec b/tcpdump.spec
index f605bb9..cfbe469 100644
--- a/tcpdump.spec
+++ b/tcpdump.spec
@@ -16,31 +16,24 @@
 #
 
 
-%define min_libpcap_version 1.8.1
+%define min_libpcap_version 1.9.1
 Name:           tcpdump
-Version:        4.9.2
+Version:        4.9.3
 Release:        0
 Summary:        A Packet Sniffer
 License:        BSD-3-Clause
 Group:          Productivity/Networking/Diagnostic
-Url:            http://www.tcpdump.org/
-Source:         http://www.tcpdump.org/release/%{name}-%{version}.tar.gz
+Url:            https://www.tcpdump.org/
+Source:         https://www.tcpdump.org/release/%{name}-%{version}.tar.gz
 Source1:        tcpdump-qeth
-Source2:        http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
-Source3:        http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
-# PATCH-FIX-OPENSUSE tcpdump-ikev2pI2.patch - disabled failing test
-Patch0:         tcpdump-ikev2pI2.patch
+Source2:        https://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
+Source3:        https://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
 # PATCH-FIX-OPENSUSE tcpdump-CVE-2018-19519.patch - Initialize buf in print-hncp.c:print_prefix
-Patch1:         tcpdump-CVE-2018-19519.patch
-# PATCH-FIX-UPSTREAM bsc#1068716 CVE-2017-16808 Heap-based buffer over-read related to aoe_print and lookup_emem
-Patch2:         tcpdump-CVE-2017-16808.patch
-# PATCH-FIX-UPSTREAM bsc#1142439 CVE-2019-1010220 Buffer Over-read in print_prefix
-Patch3:         tcpdump-CVE-2019-1010220.patch
+Patch0:         tcpdump-CVE-2018-19519.patch
 BuildRequires:  libpcap-devel >= %{min_libpcap_version}
 BuildRequires:  libsmi-devel
 BuildRequires:  openssl-devel
 Requires:       libpcap >= %{min_libpcap_version}
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
 This program can "read" all or only certain packets going over the
@@ -49,9 +42,6 @@ ethernet. It can be used to debug specific network problems.
 %prep
 %setup -q
 %patch0 -p1
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
 
 %build
 export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing"
@@ -70,7 +60,6 @@ rm %{buildroot}/%{_sbindir}/tcpdump.%{version}
 make check %{?_smp_mflags}
 
 %files
-%defattr(-,root,root)
 %license LICENSE
 %doc CHANGES CREDITS README* *.awk
 %{_mandir}/man?/*