diff --git a/patches.tar.bz2 b/patches.tar.bz2
index bac1cd0..2b09fc7 100644
--- a/patches.tar.bz2
+++ b/patches.tar.bz2
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:478260fef1d481e5855738953e1be347a4e40707f3558df2296403435fa3871d
-size 29327
+oid sha256:bb5481a387e33c5d227939bfa8d307f081772bc1213e9af4ac884eef2b651325
+size 29379
diff --git a/samba.changes b/samba.changes
index 94ddaf0..06b5d6e 100644
--- a/samba.changes
+++ b/samba.changes
@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Fri Dec 11 16:49:16 UTC 2015 - lmuelle@suse.com
+
+- Update to 4.3.3.
+  + Malicious request can cause Samba LDAP server to hang, spinning using CPU;
+    CVE-2015-3223; (bso#11325); (bnc#958581).
+  + Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599);
+    (bnc#958586).
+  + Insufficient symlink verification (file access outside the share);
+    CVE-2015-5252; (bso#11395); (bnc#958582).
+  + No man in the middle protection when forcing smb encryption on the client
+    side; CVE-2015-5296; (bso#11536); (bnc#958584).
+  + Currently the snapshot browsing is not secure thru windows previous version
+    (shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583).
+  + Fix Microsoft MS15-096 to prevent machine accounts from being changed into
+    user accounts; CVE-2015-8467; (bso#11552); (bnc#958585).
+
 -------------------------------------------------------------------
 Tue Dec  1 16:48:13 UTC 2015 - lmuelle@suse.com
 
diff --git a/samba.spec b/samba.spec
index 0880c5c..398497b 100644
--- a/samba.spec
+++ b/samba.spec
@@ -122,7 +122,7 @@ BuildRequires:  libavahi-devel
 BuildRequires:  systemd
 BuildRequires:  systemd-devel
 %endif
-%define	samba_ver 4.3.2
+%define	samba_ver 4.3.3
 %define	samba_ver_suffix %nil
 %if "%{samba_ver_suffix}" == ""
 %define samba_source_location http://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.gz
@@ -144,11 +144,11 @@ BuildRequires:  systemd-devel
 %else
 %define	build_make_smp_mflags %{?jobs:-j%jobs}
 %endif
-%define SOURCE_TIMESTAMP 3535
+%define SOURCE_TIMESTAMP 3551
 %define BRANCH %{version}
 %global with_mitkrb5 1
 %global with_dc 0
-Version:        4.3.2
+Version:        4.3.3
 Release:        0
 Url:            http://www.samba.org/
 Provides:       samba-gplv3 = %{version}
diff --git a/vendor-files.tar.bz2 b/vendor-files.tar.bz2
index 53a3875..a097acc 100644
--- a/vendor-files.tar.bz2
+++ b/vendor-files.tar.bz2
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:d0d7c9b656193c2a8d439b6f7cc9fccb9031ea457ed835c1594bbe6546d519f1
-size 53061
+oid sha256:82eb94dc104074b3e08554dbaf0a4a7b7f83cfdb6d510d0f198f2f95be2a99ff
+size 52928