diff --git a/wget-1.19.1.tar.xz b/wget-1.19.1.tar.xz
deleted file mode 100644
index 6a1b38f..0000000
--- a/wget-1.19.1.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0c950b9671881222a4d385b013c9604e98a8025d1988529dfca0e93617744cd2
-size 2111756
diff --git a/wget-1.19.1.tar.xz.sig b/wget-1.19.1.tar.xz.sig
deleted file mode 100644
index 43a33c8..0000000
Binary files a/wget-1.19.1.tar.xz.sig and /dev/null differ
diff --git a/wget-1.19.2.tar.gz b/wget-1.19.2.tar.gz
new file mode 100644
index 0000000..1a04f1d
--- /dev/null
+++ b/wget-1.19.2.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4f4a673b6d466efa50fbfba796bd84a46ae24e370fa562ede5b21ab53c11a920
+size 4349267
diff --git a/wget-1.19.2.tar.gz.sig b/wget-1.19.2.tar.gz.sig
new file mode 100644
index 0000000..7c3a93b
Binary files /dev/null and b/wget-1.19.2.tar.gz.sig differ
diff --git a/wget-416-but-file-not-complete.patch b/wget-416-but-file-not-complete.patch
deleted file mode 100644
index 63bec7c..0000000
--- a/wget-416-but-file-not-complete.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Index: wget-1.19.1/src/http.c
-===================================================================
---- wget-1.19.1.orig/src/http.c
-+++ wget-1.19.1/src/http.c
-@@ -3819,6 +3819,16 @@ gethttp (const struct url *u, struct url
- }
-
- if (statcode == HTTP_STATUS_RANGE_NOT_SATISFIABLE
-+ && hs->restval < (contlen + contrange))
-+ {
-+ /* The file was not completely downloaded,
-+ yet the server claims the range is invalid.
-+ Bail out. */
-+ CLOSE_INVALIDATE (sock);
-+ retval = RANGEERR;
-+ goto cleanup;
-+ }
-+ if (statcode == HTTP_STATUS_RANGE_NOT_SATISFIABLE
- || (!opt.timestamping && hs->restval > 0 && statcode == HTTP_STATUS_OK
- && contrange == 0 && contlen >= 0 && hs->restval >= contlen))
- {
diff --git a/wget-CVE-2017-6508.patch b/wget-CVE-2017-6508.patch
deleted file mode 100644
index d3b0c29..0000000
--- a/wget-CVE-2017-6508.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-diff --git a/src/url.c b/src/url.c
-index 8f8ff0b..7d36b27 100644
---- a/src/url.c
-+++ b/src/url.c
-@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri *iri, bool percent_encode)
- url_unescape (u->host);
- host_modified = true;
-
-+ /* check for invalid control characters in host name */
-+ for (p = u->host; *p; p++)
-+ {
-+ if (c_iscntrl(*p))
-+ {
-+ url_free(u);
-+ error_code = PE_INVALID_HOST_NAME;
-+ goto error;
-+ }
-+ }
-+
- /* Apply IDNA regardless of iri->utf8_encode status */
- if (opt.enable_iri && iri)
- {
diff --git a/wget-errno-clobber.patch b/wget-errno-clobber.patch
index be2477e..75a0b76 100644
--- a/wget-errno-clobber.patch
+++ b/wget-errno-clobber.patch
@@ -1,8 +1,8 @@
-Index: wget-1.18/src/http.c
+Index: wget-1.19.2/src/http.c
 ===================================================================
---- wget-1.18.orig/src/http.c
-+++ wget-1.18/src/http.c
-@@ -1516,6 +1516,7 @@ persistent_available_p (const char *host
+--- wget-1.19.2.orig/src/http.c 2017-10-26 17:30:08.000000000 +0200
++++ wget-1.19.2/src/http.c 2017-10-27 17:59:48.659093393 +0200
+@@ -1524,6 +1524,7 @@ persistent_available_p (const char *host
 active, registered connection". */
 #define CLOSE_FINISH(fd) do { \
@@ -10,7 +10,7 @@ Index: wget-1.18/src/http.c
 if (!keep_alive) \
 { \
 if (pconn_active && (fd) == pconn.socket) \
-@@ -1524,14 +1525,17 @@ persistent_available_p (const char *host
+@@ -1532,14 +1533,17 @@ persistent_available_p (const char *host
 fd_close (fd); \
 fd = -1; \
 } \
@@ -27,4 +27,4 @@ Index: wget-1.18/src/http.c
 + errno = errno_sav; \
 } while (0)
- struct http_stat
+ typedef enum
diff --git a/wget.changes b/wget.changes
index 5175d3b..6510c52 100644
--- a/wget.changes
+++ b/wget.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Fri Oct 27 16:05:55 UTC 2017 - astieger@suse.com
+
+- GNU wget 1.19.2:
+ * CVE-2017-13089: Stack overflow in HTTP protocol handling (bsc#1064715)
+ * CVE-2017-13090: Heap overflow in HTTP protocol handling (bsc#1064716)
+ * New option --compression for gzip Content-Encoding
+ * New option --[no]-netrc to control .netrc parsing
+ * Added GNU extensions to .netrc parsing
+ * Improved IDNA 2003 compatibility
+ * Fix VPATH issues
+ * Improved and extended the test suite
+ * Support Wayback Machine's X-Archive-Orig-last-modified
+ * Several bug fixes
+- drop upstreamed patches:
+ * wget-CVE-2017-6508.patch
+ * wget-416-but-file-not-complete.patch
+- unfuzz wget-errno-clobber.patch
+
 -------------------------------------------------------------------
 Thu Sep 21 06:45:00 UTC 2017 - josef.moellers@suse.com
diff --git a/wget.keyring b/wget.keyring
index 8334086..6340722 100644
Binary files a/wget.keyring and b/wget.keyring differ
diff --git a/wget.spec b/wget.spec
index 8ae3839..b80238e 100644
--- a/wget.spec
+++ b/wget.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package wget
 #
-# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,14 +18,14 @@
 %bcond_with regression_tests
 Name: wget
-Version: 1.19.1
+Version: 1.19.2
 Release: 0
 Summary: A Tool for Mirroring FTP and HTTP Servers
 License: GPL-3.0+
 Group: Productivity/Networking/Web/Utilities
 Url: https://www.gnu.org/software/wget/
-Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.xz
-Source1: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.xz.sig
+Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz
+Source1: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz.sig
 Source2: https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=wget&download=1#/wget.keyring
 Patch0: wgetrc.patch
 Patch1: wget-libproxy.patch
@@ -33,8 +33,6 @@ Patch6: wget-1.14-no-ssl-comp.patch
 # PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 coolo@suse.de
 Patch7: wget-fix-pod-syntax.diff
 Patch8: wget-errno-clobber.patch
-Patch9: wget-CVE-2017-6508.patch
-Patch10: wget-416-but-file-not-complete.patch
 BuildRequires: automake
 BuildRequires: gpgme-devel >= 0.4.2
 BuildRequires: libcares-devel
@@ -81,8 +79,6 @@ This can be done in script files or via the command line.
 %patch6
 %patch7 -p1
 %patch8 -p1
-%patch9 -p1
-%patch10 -p1
 %build
 %if 0%{?suse_version} > 1110
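Review bot: The `Source:`/`Source1:` switch from `.tar.xz` to `.tar.gz` in the `@@ -18,14 +18,14 @@` hunk of wget.spec, and the replacement of `wget.keyring` in the same commit, are not recorded in the new wget.changes entry, which lists only the version update, the dropped patches and the unfuzz. `Source2` is presumably the keyring that the `Source1` signature is checked against, so a keyring change that lands together with the tarball it vouches for should be traceable. Add entries such as `- update wget.keyring` and `- use the .tar.gz tarball`, each with its reason. The diff shows the keyring only as a binary change, so which keys were added or removed cannot be judged from this page. The new key fingerprints should be confirmed against a source other than the download itself.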