diff --git a/csrf-samesite-fix.patch b/csrf-samesite-fix.patch
index 4cfe07a..b50ac93 100644
--- a/csrf-samesite-fix.patch
+++ b/csrf-samesite-fix.patch
@@ -2,9 +2,9 @@ Index: classes/Misc.php
 ===================================================================
 --- classes/Misc.php.orig
 +++ classes/Misc.php
-@@ -1333,6 +1333,10 @@
- 			$server_info = $this->getServerInfo();
- 			$reqvars = $this->getRequestVars('table');
+@@ -1354,6 +1354,10 @@
+ 				echo '<div class="alert-banner"><p><a href="https://www.php.net/manual/en/session.configuration.php#ini.session.cookie-samesite" target="_blank" rel="noopener noreferrer">', htmlspecialchars($lang['sessionsecuritywarning']), '</a></p></div>';
+ 			}
  
 +			if (!$conf['extra_session_security']) {
 +				echo '<div class="alert-banner"><p><a href="http://phppgadmin.sourceforge.net/doku.php?id=faq#other_questions" target="_blank" rel="noopener noreferrer">', htmlspecialchars($lang['sessionsecuritywarning']), '</a></p></div>';
@@ -17,9 +17,9 @@ Index: conf/config.inc.php-dist
 ===================================================================
 --- conf/config.inc.php-dist.orig
 +++ conf/config.inc.php-dist
-@@ -89,6 +89,15 @@
- 	// your browser preference.
- 	$conf['default_lang'] = 'auto';
+@@ -98,6 +98,15 @@
+ 	// to this feature and will be vulnerable to CSRF attacks.
+ 	$conf['extra_session_security'] = true;
  
 +    // If extra session security is true, then PHP's session cookies will have
 +    // SameSite cookie flags set to prevent CSRF attacks.  If you're using
@@ -33,64 +33,6 @@ Index: conf/config.inc.php-dist
  	// AutoComplete uses AJAX interaction to list foreign key values
  	// on insert fields. It currently only works on single column
  	// foreign keys. You can choose one of the following values:
-Index: lang/english.php
-===================================================================
---- lang/english.php.orig
-+++ lang/english.php
-@@ -807,6 +807,7 @@
- 	$lang['strloading'] = 'Loading...';
- 	$lang['strerrorloading'] = 'Error Loading';
- 	$lang['strclicktoreload'] = 'Click to reload';
-+	$lang['sessionsecuritywarning'] = 'You are running phpPgAdmin without session security.';
- 
- 	// Autovacuum
- 	$lang['strautovacuum'] = 'Autovacuum';
-Index: libraries/lib.inc.php
-===================================================================
---- libraries/lib.inc.php.orig
-+++ libraries/lib.inc.php
-@@ -50,11 +50,36 @@
- 	require_once('./classes/Misc.php');
- 	$misc = new Misc();
- 
--	// Start session (if not auto-started)
--	if (!ini_get('session.auto_start')) {
--		session_name('PPA_ID');
--		session_start();
--	}
-+    // Session start: if extra_session_security is on, make sure cookie_samesite
-+    // is on (exit if we fail); otherwise, just start the session
-+    $our_session_name = 'PPA_ID';
-+    if ($conf['extra_session_security']) {
-+        if (version_compare(phpversion(), '7.3', '<')) {
-+            exit('PHPPgAdmin cannot be fully secured while running under PHP versions before 7.3.  Please upgrade PHP if possible.  If you cannot upgrade, and you\'re willing to assume the risk of CSRF attacks, you can change the value of "extra_session_security" to false in your config.inc.php file.');
-+        }
-+        if (ini_get('session.auto_start')) {
-+            // If session.auto_start is on, and the session doesn't have
-+            // session.cookie_samesite set, destroy and re-create the session
-+            if (session_name() !== $our_session_name) {
-+                $setting = strtolower(ini_get('session.cookie_samesite'));
-+                if ($setting !== 'lax' && $setting !== 'strict') {
-+                    session_destroy();
-+                    session_name($our_session_name);
-+                    ini_set('session.cookie_samesite', 'Strict');
-+                    session_start();
-+                }
-+            }
-+        } else {
-+            session_name($our_session_name);
-+            ini_set('session.cookie_samesite', 'Strict');
-+            session_start();
-+        }
-+    } else {
-+        if (!ini_get('session.auto_start')) {
-+            session_name($our_session_name);
-+            session_start();
-+        }
-+    }
- 
- 	// Do basic PHP configuration checks
- 	if (ini_get('magic_quotes_gpc')) {
 Index: tests/manual/issue-94/README.md
 ===================================================================
 --- /dev/null
@@ -270,9 +212,9 @@ Index: themes/global.css
 ===================================================================
 --- themes/global.css.orig
 +++ themes/global.css
-@@ -72,6 +72,26 @@ body.browser {
+@@ -92,6 +92,26 @@ body.browser {
+ 	color: #9F6000;
  }
- .ac_values {width:100%}
  
 +/** alert banner **/
 +.alert-banner {
@@ -297,15 +239,3 @@ Index: themes/global.css
  /** bottom link back to top **/
  .bottom_link {
  	position: fixed; 
-Index: themes/gotar/global.css
-===================================================================
---- themes/gotar/global.css.orig
-+++ themes/gotar/global.css
-@@ -136,6 +136,7 @@ td.opbutton1 a, td.opbutton2 a {
- 	padding-left:6px;
- 	padding-right:6px;
- }
-+.alert-banner { margin-top: 0 }
- .topbar { border: 0 }
- .topbar, .topbar *, .trail, .tab, .crumb {
- 	border: 0;
diff --git a/phpPgAdmin-7.13.0.tar.bz2 b/phpPgAdmin-7.13.0.tar.bz2
deleted file mode 100644
index 462ed45..0000000
--- a/phpPgAdmin-7.13.0.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:dc9a5d74c49330af65664b3fd145df2b76c63f946e0de86e306b308ad104939c
-size 620530
diff --git a/phpPgAdmin-7.14.6-mod.tar.gz b/phpPgAdmin-7.14.6-mod.tar.gz
new file mode 100644
index 0000000..ba1c14b
--- /dev/null
+++ b/phpPgAdmin-7.14.6-mod.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b33282d8c36873dff30a0a56039d31067fcdb2d3274701ec1d79c2d01b5e6e64
+size 1153991
diff --git a/phpPgAdmin.changes b/phpPgAdmin.changes
index 1f0b88e..3ef1f31 100644
--- a/phpPgAdmin.changes
+++ b/phpPgAdmin.changes
@@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Fri Nov  3 10:58:05 UTC 2023 - chris@computersalat.de
+
+- Update to 7.14.6
+  * fix for CVE-2023-40619 (boo#1215551)
+  * no real ChangeLog available
+- Changed to fork 'ReimuHakurei'
+- rebased patches
+  * csrf-samesite-fix.patch
+  * phpPgAdmin_config.inc.patch
+- rename phpPgAdmin-config.inc.patch to phpPgAdmin_config.inc.patch
+- add phpPgAdmin_appVersion.patch (remove suffix '-mod')
+
 -------------------------------------------------------------------
 Mon Feb 13 10:55:19 UTC 2023 - ecsos <ecsos@opensuse.org>
 
diff --git a/phpPgAdmin.spec b/phpPgAdmin.spec
index 23b0f21..44de9ba 100644
--- a/phpPgAdmin.spec
+++ b/phpPgAdmin.spec
@@ -18,6 +18,7 @@
 
 Name:           phpPgAdmin
 
+%define lc_prj  ReimuHakurei
 %define lc_name phppgadmin
 %define ap_docroot_old %{apache_serverroot}/htdocs
 %define ap_docroot %{_datadir}
@@ -26,14 +27,17 @@ Name:           phpPgAdmin
 Summary:        Administration of PostgreSQL over the web
 License:        GPL-2.0-or-later
 Group:          Productivity/Databases/Tools
-Version:        7.13.0
+Version:        7.14.6
 Release:        0
-%define rel_version REL_7-13-0
-URL:            http://phppgadmin.sourceforge.net
-Source0:        https://github.com/%{lc_name}/%{lc_name}/releases/download/%{rel_version}/%{name}-%{version}.tar.bz2
+%define rel_version REL_7-14-6
+#URL:            https://github.com/phppgadmin/phppgadmin
+#Source0:        https://github.com/%{lc_name}/%{lc_name}/releases/download/%{rel_version}/%{name}-%{version}.tar.bz2
+URL:            https://github.com/ReimuHakurei/phpPgAdmin
+Source0:        %{name}-%{version}-mod.tar.gz
 Source1:        %{name}.http
 Source2:        %{name}.http.inc
-Patch0:         %{name}-config.inc.patch
+Patch0:         %{name}_config.inc.patch
+Patch10:        %{name}_appVersion.patch
 Patch100:       csrf-samesite-fix.patch
 BuildArch:      noarch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -49,7 +53,7 @@ perfect for PostgreSQL DBAs, newbies and hosting services.
 Features
 
 * Administer multiple servers
-* Support for PostgreSQL 9.x.x, 10.x, 11.x, 12.x
+* Support for PostgreSQL 9.x.x, 10.x, 11.x, 12.x, 14.x
 * Manage all aspects of:
 	o Users & groups
 	o Databases
@@ -83,8 +87,9 @@ Supplements:    packageand(apache2:%name)
 This subpackage contains the Apache configuration files
 
 %prep
-%setup -q
+%setup -q -n %{name}-%{version}-mod
 %patch0
+%patch10
 %patch100
 
 ### remove not needed files
diff --git a/phpPgAdmin_appVersion.patch b/phpPgAdmin_appVersion.patch
new file mode 100644
index 0000000..cb639b9
--- /dev/null
+++ b/phpPgAdmin_appVersion.patch
@@ -0,0 +1,13 @@
+Index: libraries/lib.inc.php
+===================================================================
+--- libraries/lib.inc.php.orig
++++ libraries/lib.inc.php
+@@ -16,7 +16,7 @@
+ 	$appName = 'phpPgAdmin';
+ 
+ 	// Application version
+-	$appVersion = '7.14.6-mod';
++	$appVersion = '7.14.6';
+ 
+ 	// PostgreSQL and PHP minimum version
+ 	global $postgresqlMinVer;
diff --git a/phpPgAdmin-config.inc.patch b/phpPgAdmin_config.inc.patch
similarity index 97%
rename from phpPgAdmin-config.inc.patch
rename to phpPgAdmin_config.inc.patch
index 4274e8c..15b2f19 100644
--- a/phpPgAdmin-config.inc.patch
+++ b/phpPgAdmin_config.inc.patch
@@ -2,7 +2,7 @@ Index: libraries/lib.inc.php
 ===================================================================
 --- libraries/lib.inc.php.orig
 +++ libraries/lib.inc.php
-@@ -27,12 +27,12 @@
+@@ -28,12 +28,12 @@
  		exit(sprintf('Version of PHP not supported. Please upgrade to version %s or later.', $phpMinVer));
  
  	// Check to see if the configuration file exists, if not, explain