diff --git a/openssl-3.2.patch b/openssl-3.2.patch
deleted file mode 100644
index 03ea042..0000000
--- a/openssl-3.2.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-Index: tornado-6.4/tornado/iostream.py
-===================================================================
---- tornado-6.4.orig/tornado/iostream.py
-+++ tornado-6.4/tornado/iostream.py
-@@ -1374,7 +1374,7 @@ class SSLIOStream(IOStream):
-                 return
-             elif err.args[0] in (ssl.SSL_ERROR_EOF, ssl.SSL_ERROR_ZERO_RETURN):
-                 return self.close(exc_info=err)
--            elif err.args[0] == ssl.SSL_ERROR_SSL:
-+            elif err.args[0] in (ssl.SSL_ERROR_SSL, ssl.SSL_ERROR_SYSCALL):
-                 try:
-                     peer = self.socket.getpeername()
-                 except Exception:
diff --git a/python-tornado6.changes b/python-tornado6.changes
index 578aada..db60ae6 100644
--- a/python-tornado6.changes
+++ b/python-tornado6.changes
@@ -1,3 +1,37 @@
+-------------------------------------------------------------------
+Wed Jul 31 09:32:23 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 6.4.1:
+  + Security Improvements:
+    - Parsing of the ``Transfer-Encoding`` header is now stricter.
+      Unexpected transfer-encoding values were previously ignored
+      and treated as the HTTP/1.0 default of read-until-close. This
+      can lead to framing issues with certain proxies. We now treat
+      any unexpected value as an error.
+    - Handling of whitespace in headers now matches the RFC more
+      closely. Only space and tab characters are treated as
+      whitespace and stripped from the beginning and end of header
+      values. Other unicode whitespace characters are now left
+      alone. This could also lead to framing issues with certain
+      proxies.
+    - `tornado.curl_httpclient` now prohibits carriage return and
+      linefeed headers in HTTP headers (matching the behavior of
+      `simple_httpclient`). These characters could be used for
+      header injection or request smuggling if untrusted data were
+      used in headers.
+  + General Changes:
+    - `tornado.iostream`: `SLIOStream` now understands changes to
+      error codes from OpenSSL 3.2. The main result of this change
+      is to reduce the noise in the logs for certain errors.
+    - `tornado.simple_httpclient`: `simple_httpclient` now
+      prohibits carriage return characters in HTTP headers. It had
+      previously prohibited only linefeed characters.
+    - `tornado.testing`: `.AsyncTestCase` subclasses can now be
+      instantiated without being associated with a test method.
+      Improves compatibility with test discovery in Pytest 8.2.
+- Drop  support-pytest-8.2.patch: fixed upstream.
+- Drop openssl-3.2.patch: fixed upstream.
+
 -------------------------------------------------------------------
 Fri May 17 03:37:07 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com>
 
diff --git a/python-tornado6.spec b/python-tornado6.spec
index 93d48ee..d2a6125 100644
--- a/python-tornado6.spec
+++ b/python-tornado6.spec
@@ -19,7 +19,7 @@
 %{?sle15_python_module_pythons}
 %define         skip_python2 1
 Name:           python-tornado6
-Version:        6.4
+Version:        6.4.1
 Release:        0
 Summary:        Open source version of scalable, non-blocking web server that power FriendFeed
 License:        Apache-2.0
@@ -28,10 +28,6 @@ Source:         https://files.pythonhosted.org/packages/source/t/tornado/tornado
 Source99:       python-tornado6-rpmlintrc
 # PATCH-FIX-OPENSUSE ignore-resourcewarning-doctests.patch -- ignore resource warnings on OBS
 Patch0:         ignore-resourcewarning-doctests.patch
-# PATCH-FIX-OPENSUSE openssl-3.2.patch gh#tornadoweb/tornado#3355
-Patch1:         openssl-3.2.patch
-# PATCH-FIX-UPSTREAM gh#tornadoweb/tornado#3374
-Patch2:         support-pytest-8.2.patch
 BuildRequires:  %{python_module base >= 3.8}
 BuildRequires:  %{python_module devel}
 BuildRequires:  %{python_module pip}
diff --git a/support-pytest-8.2.patch b/support-pytest-8.2.patch
deleted file mode 100644
index 064032b..0000000
--- a/support-pytest-8.2.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From c851aa8a949524b35f72c82b45a52353aa3c0558 Mon Sep 17 00:00:00 2001
-From: Ran Benita <ran@unusedvar.com>
-Date: Sun, 28 Apr 2024 14:17:54 +0300
-Subject: [PATCH] testing: allow to instantiate an empty AsyncTestCase
-
-`unittest.TestCase` has a feature where it allows instantiating
-`MyTestClass()` with the default method name `runTest` even if a
-`runTest` method doesn't actually exist. This is documented in
-`TestCase`'s docs under "Changed in version 3.2"[0].
-
-Since version 8.2, pytest relies on this, and started breaking on
-Tornado's `AsyncTestCase`[1].
-
-Change `AsyncTestCase` to allow empty instatiation, by matching the
-upstream code.
-
-[0] https://docs.python.org/3/library/unittest.html#unittest.TestCase
-[1] https://github.com/pytest-dev/pytest/issues/12263
----
- tornado/test/testing_test.py |  9 +++++++++
- tornado/testing.py           | 12 +++++++++++-
- 2 files changed, 20 insertions(+), 1 deletion(-)
-
-diff --git a/tornado/test/testing_test.py b/tornado/test/testing_test.py
-index 0429feee83..8e2b8db428 100644
---- a/tornado/test/testing_test.py
-+++ b/tornado/test/testing_test.py
-@@ -61,6 +61,15 @@ def test_subsequent_wait_calls(self):
-         self.io_loop.add_timeout(self.io_loop.time() + 0.2, self.stop)
-         self.wait(timeout=0.4)
- 
-+    def test_empty_instantation_is_allowed(self):
-+        """
-+        Test that empty instatiation of an AsyncTestCase is allowed.
-+
-+        unittest.TestCase docs guarantee this working, and pytest's unittest
-+        support relies on it.
-+        """
-+        AsyncTestCaseTest()
-+
- 
- class LeakTest(AsyncTestCase):
-     def tearDown(self):
-diff --git a/tornado/testing.py b/tornado/testing.py
-index bdbff87bc3..9455411a6d 100644
---- a/tornado/testing.py
-+++ b/tornado/testing.py
-@@ -177,7 +177,17 @@ def __init__(self, methodName: str = "runTest") -> None:
-         # the test will silently be ignored because nothing will consume
-         # the generator.  Replace the test method with a wrapper that will
-         # make sure it's not an undecorated generator.
--        setattr(self, methodName, _TestMethodWrapper(getattr(self, methodName)))
-+        try:
-+            test_method = getattr(self, methodName)
-+        except AttributeError:
-+            if methodName != "runTest":
-+                # We allow instantiation with no explicit method name
-+                # but not an *incorrect* or missing method name.
-+                raise ValueError(
-+                    "no such test method in %s: %s" % (self.__class__, methodName)
-+                )
-+        else:
-+            setattr(self, methodName, _TestMethodWrapper(test_method))
- 
-         # Not used in this class itself, but used by @gen_test
-         self._test_generator = None  # type: Optional[Union[Generator, Coroutine]]
diff --git a/tornado-6.4.1.tar.gz b/tornado-6.4.1.tar.gz
new file mode 100644
index 0000000..1f7aea0
--- /dev/null
+++ b/tornado-6.4.1.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:92d3ab53183d8c50f8204a51e6f91d18a15d5ef261e84d452800d4ff6fc504e9
+size 500623
diff --git a/tornado-6.4.tar.gz b/tornado-6.4.tar.gz
deleted file mode 100644
index 96d31ad..0000000
--- a/tornado-6.4.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:72291fa6e6bc84e626589f1c29d90a5a6d593ef5ae68052ee2ef000dfd273dee
-size 498845