diff --git a/gnupg-2.0.10-tmpdir.diff b/gnupg-2.0.10-tmpdir.diff
index 8dfbbfd..61968cf 100644
--- a/gnupg-2.0.10-tmpdir.diff
+++ b/gnupg-2.0.10-tmpdir.diff
@@ -1,9 +1,9 @@
 # create gpg-agent socket in TMPDIR
-Index: gnupg-2.0.12/agent/gpg-agent.c
+Index: gnupg-2.0.13/agent/gpg-agent.c
 ===================================================================
---- gnupg-2.0.12.orig/agent/gpg-agent.c	2009-06-03 18:07:56.000000000 +0200
-+++ gnupg-2.0.12/agent/gpg-agent.c	2009-06-18 11:40:02.000000000 +0200
-@@ -937,6 +937,10 @@ main (int argc, char **argv )
+--- gnupg-2.0.13.orig/agent/gpg-agent.c	2009-07-20 12:12:06.000000000 +0200
++++ gnupg-2.0.13/agent/gpg-agent.c	2009-11-13 13:00:55.000000000 +0100
+@@ -960,6 +960,10 @@ main (int argc, char **argv )
        gnupg_fd_t fd_ssh;
        pid_t pid;
  
@@ -14,7 +14,7 @@ Index: gnupg-2.0.12/agent/gpg-agent.c
        /* Remove the DISPLAY variable so that a pinentry does not
           default to a specific display.  There is still a default
           display when gpg-agent was started using --display or a
-@@ -948,13 +952,23 @@ main (int argc, char **argv )
+@@ -971,13 +975,23 @@ main (int argc, char **argv )
          unsetenv ("DISPLAY");
  #endif
  
@@ -30,12 +30,11 @@ Index: gnupg-2.0.12/agent/gpg-agent.c
        socket_name = create_socket_name 
 -        ("S.gpg-agent", "/tmp/gpg-XXXXXX/S.gpg-agent");
 -      if (opt.ssh_support)
--	socket_name_ssh = create_socket_name 
--          ("S.gpg-agent.ssh", "/tmp/gpg-XXXXXX/S.gpg-agent.ssh");
 +        ("S.gpg-agent", tmp);
 +      if (opt.ssh_support) {
 +        snprintf(tmp, len, "%s%s%s.ssh", tmp1, tmp1 && strlen(tmp1) > 0 ? "/" : "", tmp2);
-+	    socket_name_ssh = create_socket_name 
+ 	socket_name_ssh = create_socket_name 
+-          ("S.gpg-agent.ssh", "/tmp/gpg-XXXXXX/S.gpg-agent.ssh");
 +          ("S.gpg-agent.ssh", tmp);
 +      }
 +      free(tmp);
diff --git a/gnupg-2.0.12.tar.bz2 b/gnupg-2.0.12.tar.bz2
deleted file mode 100644
index 4b28b61..0000000
--- a/gnupg-2.0.12.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9633e104c519fade1c9fce5843d1f70439b156bcc446aa270ea8192d461d9cce
-size 3924196
diff --git a/gnupg-2.0.13.tar.bz2 b/gnupg-2.0.13.tar.bz2
new file mode 100644
index 0000000..0e832ce
--- /dev/null
+++ b/gnupg-2.0.13.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d9b3d71f8f2930483d7b7b56276ebe954175b72b34128c6669d0fc00d289aa2e
+size 3946616
diff --git a/gnupg-2.0.4-default-tty.diff b/gnupg-2.0.4-default-tty.diff
deleted file mode 100644
index 904eb08..0000000
--- a/gnupg-2.0.4-default-tty.diff
+++ /dev/null
@@ -1,27 +0,0 @@
-# sets default tty to /dev/tty
-Index: common/asshelp.c
-===================================================================
---- common/asshelp.c.orig	2008-10-20 14:54:58.000000000 +0200
-+++ common/asshelp.c	2009-06-18 11:41:47.000000000 +0200
-@@ -97,6 +97,8 @@ send_pinentry_environment (assuan_contex
-       dft_ttyname = getenv ("GPG_TTY");
-       if ((!dft_ttyname || !*dft_ttyname) && ttyname (0))
-         dft_ttyname = ttyname (0);
-+      if (!dft_ttyname)
-+        dft_ttyname = "/dev/tty";
-     }
-   if (opt_ttyname || dft_ttyname)
-     {
-Index: common/simple-pwquery.c
-===================================================================
---- common/simple-pwquery.c.orig	2009-05-20 09:39:10.000000000 +0200
-+++ common/simple-pwquery.c	2009-06-18 11:41:47.000000000 +0200
-@@ -225,6 +225,8 @@ agent_send_all_options (int fd)
- #ifndef HAVE_W32_SYSTEM
-   if ((!dft_ttyname || !*dft_ttyname) && ttyname (0))
-     dft_ttyname = ttyname (0);
-+  if (!dft_ttyname)
-+    dft_ttyname = "/dev/tty";
- #endif
-   if (dft_ttyname && *dft_ttyname)
-     {
diff --git a/gnupg-2.0.4-install_tools.diff b/gnupg-2.0.4-install_tools.diff
index ff6e009..fa8be34 100644
--- a/gnupg-2.0.4-install_tools.diff
+++ b/gnupg-2.0.4-install_tools.diff
@@ -1,7 +1,7 @@
 Index: tools/Makefile.am
 ===================================================================
 --- tools/Makefile.am.orig	2009-04-17 19:39:47.000000000 +0200
-+++ tools/Makefile.am	2009-06-18 11:41:20.000000000 +0200
++++ tools/Makefile.am	2009-11-13 13:01:24.000000000 +0100
 @@ -32,8 +32,8 @@ sbin_SCRIPTS = addgnupghome applygnupgde
  
  bin_SCRIPTS = gpgsm-gencert.sh
diff --git a/gnupg-2.0.9-RSA_ES.patch b/gnupg-2.0.9-RSA_ES.patch
index d78b9b5..ae44182 100644
--- a/gnupg-2.0.9-RSA_ES.patch
+++ b/gnupg-2.0.9-RSA_ES.patch
@@ -1,8 +1,8 @@
 # adds back support for deprecated RSA_E, RSA_S algorithms
-Index: gnupg-2.0.12/g10/misc.c
+Index: gnupg-2.0.13/g10/misc.c
 ===================================================================
---- gnupg-2.0.12.orig/g10/misc.c	2009-06-05 15:58:27.000000000 +0200
-+++ gnupg-2.0.12/g10/misc.c	2009-06-18 11:42:19.000000000 +0200
+--- gnupg-2.0.13.orig/g10/misc.c	2009-07-16 08:22:45.000000000 +0200
++++ gnupg-2.0.13/g10/misc.c	2009-11-13 13:19:39.000000000 +0100
 @@ -1308,6 +1308,8 @@ pubkey_get_npkey( int algo )
  
    if (algo == GCRY_PK_ELG_E)
diff --git a/gpg2.changes b/gpg2.changes
index 6575007..97fc42d 100644
--- a/gpg2.changes
+++ b/gpg2.changes
@@ -1,3 +1,23 @@
+-------------------------------------------------------------------
+Fri Nov 13 14:37:58 UTC 2009 - puzel@novell.com
+
+- update to gnupg-2.0.13
+ * GPG now generates 2048 bit RSA keys by default.  The default hash
+   algorithm preferences has changed to prefer SHA-256 over SHA-1.
+   2048 bit DSA keys are now generated to use a 256 bit hash algorithm
+ * The envvars XMODIFIERS, GTK_IM_MODULE and QT_IM_MODULE are now
+   passed to the Pinentry to make SCIM work.
+ * The GPGSM command --gen-key features a --batch mode and implements
+   all features of gpgsm-gencert.sh in standard mode.
+ * New option --re-import for GPGSM's IMPORT server command.
+ * Enhanced writing of existing keys to OpenPGP v2 cards.
+ * Add hack to the internal CCID driver to allow the use of some
+   Omnikey based card readers with 2048 bit keys.
+ * GPG now repeatly asks the user to insert the requested OpenPGP
+   card.  This can be disabled with --limit-card-insert-tries=1.
+ * Minor bug fixes.
+- drop gnupg-2.0.4-default-tty.diff
+
 -------------------------------------------------------------------
 Thu Jun 18 13:22:00 CEST 2009 - puzel@novell.com
 
diff --git a/gpg2.spec b/gpg2.spec
index a759311..05dbb44 100644
--- a/gpg2.spec
+++ b/gpg2.spec
@@ -1,5 +1,5 @@
 #
-# spec file for package gpg2 (Version 2.0.12)
+# spec file for package gpg2 (Version 2.0.13)
 #
 # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -19,7 +19,7 @@
 
 
 Name:           gpg2
-Version:        2.0.12
+Version:        2.0.13
 Release:        1
 BuildRequires:  expect fdupes libpth-devel
 BuildRequires:  libgpg-error-devel >= 1.4
@@ -40,12 +40,11 @@ PreReq:         %install_info_prereq
 AutoReqProv:    on
 Requires:       pinentry dirmngr %name-lang = %{version}
 Provides:       newpg gpg = 1.4.9 gnupg = %{version}
-Obsoletes:      newpg gpg <= 1.4.9
+Obsoletes:      gpg < 1.4.9
 Summary:        GnuPG 2
 Source:         gnupg-%{version}.tar.bz2
 Patch5:         gnupg-2.0.10-tmpdir.diff
 Patch7:         gnupg-2.0.4-install_tools.diff
-Patch9:         gnupg-2.0.4-default-tty.diff
 Patch10:        gnupg-2.0.9-RSA_ES.patch
 Patch11:        gnupg-2.0.9-langinfo.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -66,7 +65,6 @@ Authors:
 %setup  -q -n gnupg-%version
 %patch5 -p1
 %patch7
-%patch9
 %patch10 -p1
 %patch11
 
@@ -150,233 +148,3 @@ $RPM_BUILD_ROOT/usr/bin/gpgsplit -v -p secsplit- --secret-to-public --uncompress
 %config(noreplace) %{_sysconfdir}/gnupg/gpgconf.conf
 
 %changelog
-* Thu Jun 18 2009 puzel@novell.com
-- update to gnupg-2.0.12
-  * GPGSM now always lists ephemeral certificates if specified by
-  fingerprint or keygrip.
-  * New command "KEYINFO" for GPG_AGENT.  GPGSM now also returns
-  information about smartcards.
-  * Made sure not to leak file descriptors if running gpg-agent with a
-  command.  Restore the signal mask to solve a problem in Mono.
-  * Changed order of the confirmation questions for root certificates
-  and store negative answers in trustlist.txt.
-  * Better synchronization of concurrent smartcard sessions.
-  * Support 2048 bit OpenPGP cards.
-  * Support Telesec Netkey 3 cards.
-  * The gpg-protect-tool now uses gpg-agent via libassuan.
-  * Changed code to avoid a possible Mac OS X system freeze.
-- drop gpg2-fix-rtsignals.patch (fixed upstream)
-- drop gnupg-1.9.22-ccid-driver-fix.diff (unused)
-* Thu Jun 11 2009 puzel@suse.cz
-- change BuildRequires: (pth-devel -> libpth-devel)
-* Mon Jun 01 2009 puzel@suse.cz
-- BuildRequires: pth-devel
-* Wed Mar 18 2009 puzel@suse.cz
-- add gpg2-fix-rtsignals.patch (bnc#481463)
-* Thu Mar 05 2009 puzel@suse.cz
-- update to 2.0.11
-  * Fixed a problem in SCDAEMON which caused unexpected card resets.
-  * SCDAEMON is now aware of the Geldkarte.
-  * The SCDAEMON option --allow-admin is now used by default.
-  * GPGCONF now restarts SCdaemon if necessary.
-  * The default cipher algorithm in GPGSM is now again 3DES.  This is
-  due to interoperability problems with Outlook 2003 which still
-  can't cope with AES.
-- dropped gnupg-2.0.10-fix-convert.patch (upstream)
-- dropped gnupg-2.0.10-fix-missing-option.patch (upstream)
-- disabled gnupg-1.9.22-ccid-driver-fix.diff (does not apply and it is
-  not clear what it is good for)
-* Mon Mar 02 2009 puzel@suse.cz
-- gnupg-2.0.10-fix-missing-option.patch (bnc#477362)
-* Mon Jan 19 2009 puzel@suse.cz
-- add gnupg-2.0.10-fix-convert.patch
-  - fix broken 'make check' on ppc, s390 and s390x
-* Tue Jan 13 2009 puzel@suse.cz
-- update to 2.0.10
-  * New keyserver helper gpg2keys_kdns as generic DNS CERT
-  lookup.
-  * New mechanisms "local" and "nodefault" for --auto-key-locate.
-  Fixed a few problems with this option.
-  * New command --locate-keys.
-  * New options --with-sig-list and --with-sig-check.
-  * The option "-sat" is no longer an alias for --clearsign.
-  * The option --fixed-list-mode is now implicitly used and obsolete.
-  * New control statement %%ask-passphrase for the unattended key
-  generation.
-  * The algorithm to compute the SIG_ID status has been changed.
-  * [gpgsm] Now uses AES by default.
-  * [gpgsm] Made --output option work with --export-secret-key-p12.
-  * [gpg-agent] Terminate process if the own listening socket is not
-  anymore served by ourself.
-  * [gpg-connect-agent] Accept commands given as command line arguments.
-  * The gpg-preset-passphrase mechanism works again. An arbitrary
-  string may now be used for a custom cache ID.
-  * Admin PINs are cached again (bug in 2.0.9).
-  * Support for version 2 OpenPGP cards.
-- specfile changes:
-  * require libadns
-  * explicit versions for some BuildRequires
-  * BuildRequires libgpg-error
-  * changed license to GPL v3
-  * /etc/gnupg/gnupg.conf is now (noreplace)
-  * documentation is installed with install
-* Wed Jun 11 2008 puzel@suse.cz
-- fix [bnc#305725] - UTF-8 problems
-  * non latin characters displayed incorrectly by pinentry-*
-* Wed May 21 2008 puzel@suse.cz
-- added missing gpgconf.conf (bnc#391347)
-* Fri Mar 28 2008 pcerny@suse.cz
-- update to 2.0.9
-  * fixes CVE-2008-1530 (bnc#374254)
-  * removing gnupg-2.0.8-from-upstream.diff (included in release)
-  * removing gnupg-2.0.4-oldkey.diff (accepted by upstream)
-  * removing gnupg-2.0.8-warningfixes.diff
-  (also appears in upstream)
-- patch gnupg-2.0.9-RSA_ES.patch
-  * adding back support for deprecated RSA_E, RSA_S algorithms
-  (bnc#342979)
-* Wed Mar 26 2008 coolo@suse.de
-- require the split out lang package
-* Sun Mar 23 2008 coolo@suse.de
-- splitting out a third of the package by using a lang subpack
-* Tue Feb 12 2008 bk@suse.de
-- install gpg-zip and gpgsplit again and use -pie for randomisation
-* Wed Feb 06 2008 bk@suse.de
-- add selected upstream fixes and fix gcc and rpmlint warnings
-* Tue Jan 08 2008 sassmann@suse.de
-- update to GnuPG-2.0.8
-- adapted patches to apply properly
-  * gnupg-1.9.18-tmpdir.diff
-  * gnupg-2.0.4-install_tools.diff
-- gnupg-2.0.5.fixes-from-svn-20070812.diff commented out,
-  included in upstream 2.0.8
-- use optflags during build
-* Wed Sep 12 2007 ltinkl@suse.cz
-- fix #304749 - gpg2 unable to use old secret key
-* Mon Sep 10 2007 ltinkl@suse.cz
-- fix gpg2 crash on accessing key (#307666)
-- fix gpg doesn't work on the console (#302323)
-* Fri Aug 10 2007 bk@suse.de
-- update to GnuPG-2.0.5             - requries libassuan-1.0.2!
-  * Switched license to GPLv3.
-  * Fixed bug when using the --p12-charset without --armor.
-  * The command --gen-key may now be used instead of the
-  gpgsm-gencert.sh script.
-  * Changed key generation to reveal less information about the
-  machine.  Bug fixes for gpg2's card key generation.
-- enable make check to test against build issues in the crypto engine
-- cleanup disabled nld patch for linking with -lgpg-error-nld
-- use %%find_lang to label the locale files properly with %%lang
-- add opensc-devel to BuildRequrires to enanble smartcard support
-- del Makefile.in patches where we patch Makefile.am and run automake
-- cleanup the standrd GNU INSTALL and the empty VERSION from %%doc
-* Thu Jul 26 2007 sbrabec@suse.cz
-- Build with libassuan-devel.
-* Thu Jun 21 2007 ro@suse.de
-- install compat symlinks for gpg2 and gpgv2
-- install gpg-zip and gpgsplit
-- added openldap2 to buildrequires (for gpgkeys_ldap)
-- added fPIE/pie to CFLAGS/LDFLAGS for gpgsplit
-* Wed May 23 2007 dmueller@suse.de
-- add libusb-devel build requires
-* Wed May 16 2007 ltinkl@suse.cz
-- remove gpg from Require's (#273491)
-* Fri May 11 2007 ltinkl@suse.cz
-- updated to 2.0.4 stable snapshot
-* Wed Apr 04 2007 ltinkl@suse.cz
-- update to 2.0.3
-- fixed #251605 - VUL-0: signing issues within GNUPG
-- removed outdated patches
-* Fri Mar 30 2007 ro@suse.de
-- added zlib-devel to buildreq
-* Wed Feb 14 2007 ltinkl@suse.cz
-- fix file conflicts with gpg (#242133)
-* Tue Jan 30 2007 ro@suse.de
-- fix build (exclude possible debuginfo directory)
-* Mon Jan 29 2007 ltinkl@suse.cz
-- fix #221212 - gpg2 is not updated and do not contain documentation
-- fix #233525 - gpg1/2: bug in vasprintf() implementation
-* Thu Nov 30 2006 anicka@suse.cz
-- fix overflow in openfile.c (CVE-2006-6169, #224108)
-* Mon Sep 11 2006 pnemec@suse.cz
-- updated gnupg to new version 1.9.22
-  Enhanced pkcs#12 support
-  Support for the CardMan 4040 PCMCIA
-  Collected bug fixes
-- updated pth library to 2.0.7
-- changed using pinetry-qt to pinentry
-- removed -cfb.diff -signature.patch -cap_large_uid.patch patches
-  they are no longer needed
-- change patch -warnings-fix.diff -ccid-driver-fix.diff
-* Thu Aug 17 2006 pnemec@suse.de
-- remove unused package in build requires
-* Wed Aug 09 2006 pnemec@suse.cz
-- fix spec file to build with new gettext 0.15
-* Mon Aug 07 2006 pnemec@suse.cz
-- fixed security fix with large uid CVE-2006-3746 [#195569]
-* Thu Feb 23 2006 pnemec@suse.cz
-- fixed signature security problem CVE-2006-0455 (bugzilla#150742)
-* Thu Feb 02 2006 pnemec@suse.cz
-- fixed install info in spec file
-* Thu Jan 26 2006 sbrabec@suse.cz
-- Added missing %%install_info.
-* Wed Jan 25 2006 mls@suse.de
-- converted neededforbuild to BuildRequires
-* Fri Aug 05 2005 postadal@suse.cz
-- updated to version to 1.9.18
-- removed obsoleted gcc patch
-- added patch tmpdir.diff for using $TMPDIR by gpg-agent [#bug95732]
-* Tue Jul 12 2005 postadal@suse.cz
-- updated to version to 1.9.17
-- updated pth to version 2.0.4
-- removed obsoleted patch agent-cache-fix.diff
-- fixed ccid-driver.c
-- fixed gcc4
-- explicitly enabled gpg building in configure
-* Thu Mar 24 2005 postadal@suse.cz
-- fixed caching passphrase in gpg-agent [#71975]
-* Tue Mar 22 2005 postadal@suse.cz
-- fixed on 64bit archs [#72440]
-* Wed Feb 23 2005 postadal@suse.cz
-- security fix for cfb-cipher issue [#65862]
-* Wed Jan 12 2005 postadal@suse.cz
-- update to version 1.9.14
-- removed obsoleted patch automake-fixes.diff
-* Tue Sep 28 2004 adrian@suse.de
-- link against libpth staticaly to make S/MIME support in kmail
-  usable. Hopefully we can convert this to a native thread implementation
-  later. (#46260)
-* Sat Jul 31 2004 adrian@suse.de
-- update to version 1.9.10
-* Tue Jul 20 2004 adrian@suse.de
-- remove openct and opensc packages from nfb
-  (we will need thread support, when enabling card reader support,
-  but it isn't anyway implemented yet in gpg2)
-* Mon Jul 12 2004 adrian@suse.de
-- use GnuPG 2 sources version 1.9.9
-- opensc support misses some functions atm, support disabled for now
-- threading is disabled, since we do not have a pth package for now
-- prepare for nld
-* Thu Feb 26 2004 postadal@suse.cz
-- adapted some functions to the libgcrypt version 1.1.91 [#34987]
-- added libgpg-error to needforbuild flag
-* Wed Feb 18 2004 kukuk@suse.de
-- Don't build against libpth.
-* Tue Feb 10 2004 postadal@suse.cz
-- fixed code that broke strict aliasing
-* Fri Dec 05 2003 garloff@suse.de
-- disable core dumpe in child after forking. [#33499]
-* Mon Aug 11 2003 adrian@suse.de
-- cleanup #neededforbuild and requires
-* Mon Aug 04 2003 ro@suse.de
-- added openct to neededforbuild
-* Fri Jul 18 2003 mc@suse.de
-- build against opensc
-* Thu Jun 19 2003 schwab@suse.de
-- Add %%install_info.
-* Mon Mar 17 2003 adrian@suse.de
-- add signal handler to check if the parent is still alive and
-  exit if not
-- use pinentry-qt by default (/usr/bin/pinentry do not exist)
-* Tue Feb 11 2003 mc@suse.de
-- initial release