diff --git a/gnutls-3.7.1.tar.xz b/gnutls-3.7.1.tar.xz
deleted file mode 100644
index bad97ee..0000000
--- a/gnutls-3.7.1.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:3777d7963eca5e06eb315686163b7b3f5045e2baac5e54e038ace9835e5cac6f
-size 6038388
diff --git a/gnutls-3.7.1.tar.xz.sig b/gnutls-3.7.1.tar.xz.sig
deleted file mode 100644
index 9be009b..0000000
Binary files a/gnutls-3.7.1.tar.xz.sig and /dev/null differ
diff --git a/gnutls-3.7.2.tar.xz b/gnutls-3.7.2.tar.xz
new file mode 100644
index 0000000..9d64f36
--- /dev/null
+++ b/gnutls-3.7.2.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:646e6c5a9a185faa4cea796d378a1ba8e1148dbb197ca6605f95986a25af2752
+size 6091508
diff --git a/gnutls-3.7.2.tar.xz.sig b/gnutls-3.7.2.tar.xz.sig
new file mode 100644
index 0000000..b824c33
Binary files /dev/null and b/gnutls-3.7.2.tar.xz.sig differ
diff --git a/gnutls.changes b/gnutls.changes
index 2521949..920d559 100644
--- a/gnutls.changes
+++ b/gnutls.changes
@@ -1,3 +1,25 @@
+-------------------------------------------------------------------
+Tue Jun  1 01:00:34 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>
+
+- Update to version 3.7.2
+  * Added Linux kernel AF_ALG based acceleration
+  * Fixed timing of early data exchange
+  * The priority string option DISABLE_TLS13_COMPAT_MODE was added
+    to disable TLS 1.3 middlebox compatibility mode
+  * The GNUTLS_NO_EXPLICIT_INIT envvar has been renamed to
+    GNUTLS_NO_IMPLICIT_INIT to reflect the purpose 
+  * certtool:
+    * When signing a CSR, CRL distribution point (CDP) is no
+      longer copied from the signing CA by default
+    * When producing certificates and certificate requests, subject
+      DN components that are provided individually will now be
+      ordered by assumed scale
+
+-------------------------------------------------------------------
+Wed May 26 11:51:56 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
+
+- Rework the crypto-policies dependencies in libraries [bsc#1186385]
+
 -------------------------------------------------------------------
 Thu May 13 16:34:28 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
 
diff --git a/gnutls.spec b/gnutls.spec
index 34bd502..8d63e6f 100644
--- a/gnutls.spec
+++ b/gnutls.spec
@@ -25,10 +25,16 @@
 %else
 %bcond_with dane
 %endif
+# Enable Linux kernel AF_ALG based acceleration
+%if 0%{?suse_version} >= 1550
+%bcond_without kcapi
+%else
+%bcond_with kcapi
+%endif
 %bcond_with tpm
 %bcond_without guile
 Name:           gnutls
-Version:        3.7.1
+Version:        3.7.2
 Release:        0
 Summary:        The GNU Transport Layer Security Library
 License:        GPL-3.0-or-later AND LGPL-2.1-or-later
@@ -61,6 +67,9 @@ BuildRequires:  pkgconfig
 BuildRequires:  xz
 BuildRequires:  zlib-devel
 BuildRequires:  pkgconfig(autoopts)
+%if %{with kcapi}
+BuildRequires:  pkgconfig(libkcapi)
+%endif
 %if 0%{?suse_version} <= 1320
 BuildRequires:  net-tools
 %else
@@ -94,6 +103,9 @@ Summary:        The GNU Transport Layer Security Library
 # install libopenssl and libopenssl-hmac close together (bsc#1090765)
 License:        LGPL-2.1-or-later
 Group:          System/Libraries
+%if 0%{?suse_version} && ! 0%{?sle_version}
+Requires:       crypto-policies
+%endif
 Suggests:       libgnutls%{gnutls_sover}-hmac = %{version}-%{release}
 
 %description -n libgnutls%{gnutls_sover}
@@ -124,6 +136,9 @@ This package contains the "DANE" part of gnutls.
 Summary:        C++ API for the GNU Transport Layer Security Library
 License:        LGPL-2.1-or-later
 Group:          System/Libraries
+%if 0%{?suse_version} && ! 0%{?sle_version}
+Requires:       crypto-policies
+%endif
 
 %description -n libgnutlsxx%{gnutlsxx_sover}
 The GnuTLS library provides a secure layer over a reliable transport
@@ -134,8 +149,11 @@ of the IETF's TLS working group.
 Summary:        Development package for the GnuTLS C API
 License:        LGPL-2.1-or-later
 Group:          Development/Libraries/C and C++
+%if 0%{?suse_version} && ! 0%{?sle_version}
+Requires:       crypto-policies
+%endif
 Requires:       glibc-devel
-Requires:       gnutls = %{version}-%{release}
+Requires:       gnutls = %{version}
 Requires:       libgnutls%{gnutls_sover} = %{version}
 Requires(pre):  %{install_info_prereq}
 Provides:       gnutls-devel = %{version}-%{release}
@@ -192,6 +210,7 @@ export CXXFLAGS="%{optflags} -fPIE"
         --disable-static \
         --disable-rpath \
         --disable-silent-rules \
+        %{?with_kcapi:--enable-afalg} \
         --with-default-trust-store-dir=%{_localstatedir}/lib/ca-certificates/pem \
         --with-system-priority-file=%{_sysconfdir}/crypto-policies/back-ends/gnutls.config \
         --with-default-priority-string="@SYSTEM" \