diff --git a/strongswan-4.6.2-glib.patch b/strongswan-4.6.2-glib.patch
deleted file mode 100644
index ad0629b..0000000
--- a/strongswan-4.6.2-glib.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-Index: strongswan-4.5.3/src/libcharon/plugins/nm/nm_service.h
-===================================================================
---- strongswan-4.5.3.orig/src/libcharon/plugins/nm/nm_service.h
-+++ strongswan-4.5.3/src/libcharon/plugins/nm/nm_service.h
-@@ -21,8 +21,7 @@
- #ifndef NM_SERVICE_H_
- #define NM_SERVICE_H_
- 
--#include <glib/gtypes.h>
--#include <glib-object.h>
-+#include <glib.h>
- #include <nm-vpn-plugin.h>
- 
- #include "nm_creds.h"
diff --git a/strongswan-4.6.2.tar.bz2 b/strongswan-4.6.2.tar.bz2
deleted file mode 100644
index 6f75fa7..0000000
--- a/strongswan-4.6.2.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a5ecb3fc60a94ded9197532c7ebf42e8e321223311e4a4834ea15219aa1625e4
-size 3499818
diff --git a/strongswan-4.6.2.tar.bz2.sig b/strongswan-4.6.2.tar.bz2.sig
deleted file mode 100644
index b8cfc84..0000000
--- a/strongswan-4.6.2.tar.bz2.sig
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.11 (GNU/Linux)
-
-iQGcBAABAgAGBQJPQmCUAAoJEN9CwXCzTbp3bR0MAKDSSAnebTDOnDV9chiEcFhU
-DarFqphtzQftugh6I+inoGlKWxtWCaGxc3+KLFNvu8KqFn9YbjhM0UEVuzudAgHU
-32BcSfA/yp/LEMppICRXFLMpwqPMKMgK/KBYkMGWOtDU1HjOd3CNVr5qWoK1KltK
-4u4wLTVcCbfLfK2LsMDcpx0zeijyYQ3kDTz4xgoY77N8qa9fE4jW7NbCIydy8kTn
-P+ZHH+MD3Ai2YN27ZqR6zVv7ocmrpWDNEeVXqQprQ1JK3ITaPxOF8h2uX/SRIU01
-cp64BXWU5vDm9Z+7QqgcFvIBKUJgutt0qngXylo04DwPrnKH6tqVMTASUju2aYB1
-SWT6B0G4EjVIh3bHbKexBLcPBfpBJEGzNAn5NPY4eYGaKVEn3ryYSTReBCB3jeAk
-f+TUqDs6viT7BmrT6sUkYERiHogq36Y9sRUCvwTRITf4xCDb/EjIahRnOCffSzsA
-bsoXIuUws8tO4AL8nkaFaA6lzKOM0ks2BXCYjGh+eQ==
-=CsWA
------END PGP SIGNATURE-----
diff --git a/strongswan-4.6.2-fmt-warnings.patch b/strongswan-4.6.3-fmt-warnings.patch
similarity index 100%
rename from strongswan-4.6.2-fmt-warnings.patch
rename to strongswan-4.6.3-fmt-warnings.patch
diff --git a/strongswan-4.6.2-rpmlintrc b/strongswan-4.6.3-rpmlintrc
similarity index 100%
rename from strongswan-4.6.2-rpmlintrc
rename to strongswan-4.6.3-rpmlintrc
diff --git a/strongswan-4.6.3.tar.bz2 b/strongswan-4.6.3.tar.bz2
new file mode 100644
index 0000000..c81ff64
--- /dev/null
+++ b/strongswan-4.6.3.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a2443f9b22b64932cf7600723aee4f2fce51ba56e0216ae5f31dbb3470903d24
+size 3555738
diff --git a/strongswan-4.6.3.tar.bz2.sig b/strongswan-4.6.3.tar.bz2.sig
new file mode 100644
index 0000000..3a5b241
--- /dev/null
+++ b/strongswan-4.6.3.tar.bz2.sig
@@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQGcBAABAgAGBQJPntqnAAoJEN9CwXCzTbp3UlcL/RX4foD5Y7qkvihoTU78a0E7
+4T3ytLY/WIzx1xELxZhkqHeS0gN/j0bthPW+4TvEG0XH4g1JF2MqT0e4D0vFdOmT
+BwUIhEC1LQHyM4CaJQpSGzIMs8YcR8HYQiHNRLjzNQcj30tpBhnchcWCikiC/MZO
+YaFtZozbGnqcj6DVGjX8ymBxfpwT/+WGJ4ZIwGJwvLXc1XEtIo1zMcyX76LKHk/x
+6E12pDL5/4s68XJ9/2Uk6M9lQUQOnQT4SGJvTjZ4YACc08yQbR/2mU/puCWw9pBX
+qQIKn7abmgj1/wwbqwYf0pSuUrlSwWLsVJVqpPYgHEydd8IoeSgZke8JacIR9ztW
+aiAtqFNRKo/rj/BuCxyt90sMBi1IPznRSB1IBYKSwp9EvuKtAlIoCmH4bHq/6w0O
+4ad0rTaXhwqTjGtpQR/UsXcdtaq0pB4uauOz6bsGFUflMPXDrE6yABiuGPowCJiK
+SVR9gtBHHYvzo5sRJLcemXswO93tI48/IpZRnHAmyw==
+=vGXG
+-----END PGP SIGNATURE-----
diff --git a/strongswan.changes b/strongswan.changes
index cffd5fb..8ab2dff 100644
--- a/strongswan.changes
+++ b/strongswan.changes
@@ -1,3 +1,43 @@
+-------------------------------------------------------------------
+Thu May 10 09:15:38 UTC 2012 - mt@suse.com
+
+- Updated to strongSwan 4.6.3 release:
+  - The tnc-pdp plugin implements a RADIUS server interface allowing
+    a strongSwan TNC server to act as a Policy Decision Point.
+  - The eap-radius authentication backend enforces Session-Timeout
+    attributes using RFC4478 repeated authentication and acts upon
+    RADIUS Dynamic Authorization extensions, RFC 5176. Currently
+    supported are disconnect requests and CoA messages containing
+    a Session-Timeout.
+  - The eap-radius plugin can forward arbitrary RADIUS attributes
+    from and to clients using custom IKEv2 notify payloads. The new
+    radattr plugin reads attributes to include from files and prints
+    received attributes to the console.
+  - Added support for untruncated MD5 and SHA1 HMACs in ESP as used
+    in RFC 4595.
+  - The cmac plugin implements the AES-CMAC-96 and AES-CMAC-PRF-128
+    algorithms as defined in RFC 4494 and RFC 4615, respectively.
+  - The resolve plugin automatically installs nameservers via
+    resolvconf(8), if it is installed, instead of modifying
+    /etc/resolv.conf directly.
+  - The IKEv2 charon daemon supports now raw RSA public keys in RFC
+    3110 DNSKEY and PKCS#1 file format.
+  - The farp plugin sends ARP responses for any tunneled address,
+    not only virtual IPs.
+  - Charon resolves hosts again during additional keying tries.
+  - Fixed switching back to original address pair during MOBIKE.
+  - When resending IKE_SA_INIT with a COOKIE charon reuses the previous
+    DH value, as specified in RFC 5996.
+    This has an effect on the lifecycle of diffie_hellman_t, see
+    source:src/libcharon/sa/keymat.h#39 for details.
+  - COOKIEs are now kept enabled a bit longer to avoid certain race
+    conditions the commit message to 1b7debcc has some details.
+  - The new stroke user-creds command allows to set username/password
+    for a connection.
+  - strongswan.conf option added to set identifier for syslog(3) logging.
+  - Added a workaround for null-terminated XAuth secrets (as sent by
+    Android 4).
+
 -------------------------------------------------------------------
 Sat Mar  3 00:10:34 UTC 2012 - tabraham@novell.com
 
diff --git a/strongswan.spec b/strongswan.spec
index cdc09dd..e0c87a8 100644
--- a/strongswan.spec
+++ b/strongswan.spec
@@ -16,9 +16,8 @@
 #
 
 
-
 Name:           strongswan
-Version:        4.6.2
+Version:        4.6.3
 Release:        0
 %define         upstream_version   %{version}
 %define         strongswan_docdir  %{_docdir}/%{name}
@@ -43,7 +42,6 @@ Source3:        %{name}-%{version}-rpmlintrc
 Source4:        README.SUSE
 Patch1:         %{name}_modprobe_syslog.patch
 Patch2:         %{name}-%{version}-fmt-warnings.patch
-Patch3:         %{name}-%{version}-glib.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  bison
 BuildRequires:  curl-devel
@@ -110,6 +108,7 @@ Authors:
 %package doc
 BuildArch:      noarch
 Summary:        OpenSource IPsec-based VPN Solution
+Group:          Productivity/Networking/Security
 
 %description doc
 StrongSwan is an OpenSource IPsec-based VPN Solution for Linux
@@ -125,6 +124,7 @@ Authors:
 
 %package libs0
 Summary:        OpenSource IPsec-based VPN Solution
+Group:          Productivity/Networking/Security
 Conflicts:      strongswan < %{version}
 
 %description libs0
@@ -134,11 +134,13 @@ This package provides the strongswan library and plugins.
 
 %package ikev1
 Summary:        OpenSource IPsec-based VPN Solution
+Group:          Productivity/Networking/Security
 Requires:       iproute2
-Requires:       strongswan-libs0 = %{version}
 Requires:       strongswan-ipsec = %{version}
-Provides:       strongswan-daemon = %{version} ikev1
+Requires:       strongswan-libs0 = %{version}
+Provides:       ikev1
 Provides:       pluto
+Provides:       strongswan-daemon = %{version}
 Conflicts:      freeswan openswan strongswan < %{version}
 
 %description ikev1
@@ -148,10 +150,12 @@ This package provides the pluto IKEv1 daemon.
 
 %package ikev2
 Summary:        OpenSource IPsec-based VPN Solution
+Group:          Productivity/Networking/Security
 Requires:       iproute2
-Requires:       strongswan-libs0 = %{version}
 Requires:       strongswan-daemon-starter = %{version}
-Provides:       strongswan-daemon = %{version} ikev2
+Requires:       strongswan-libs0 = %{version}
+Provides:       ikev2
+Provides:       strongswan-daemon = %{version}
 Conflicts:      openswan strongswan < %{version}
 
 %description ikev2
@@ -161,11 +165,14 @@ This package provides the charon IKEv2 daemon.
 
 %package ipsec
 Summary:        OpenSource IPsec-based VPN Solution
+Group:          Productivity/Networking/Security
 PreReq:         grep %insserv_prereq %fillup_prereq
-Requires:       strongswan-libs0 = %{version}
 Requires:       strongswan-daemon = %{version}
+Requires:       strongswan-libs0 = %{version}
+Provides:       VPN
+Provides:       ipsec
+Provides:       strongswan = %{version}
 Provides:       strongswan-daemon-starter = %{version}
-Provides:       strongswan = %{version} ipsec VPN
 Obsoletes:      strongswan < %{version}
 Conflicts:      freeswan openswan
 
@@ -180,6 +187,7 @@ to maintain both, IKEv1 and IKEv2 daemons, using /etc/ipsec.conf and
 
 %package mysql
 Summary:        OpenSource IPsec-based VPN Solution
+Group:          Productivity/Networking/Security
 Requires:       strongswan-libs0 = %{version}
 
 %description mysql
@@ -193,6 +201,7 @@ This package provides the strongswan mysql plugin.
 
 %package sqlite
 Summary:        OpenSource IPsec-based VPN Solution
+Group:          Productivity/Networking/Security
 Requires:       strongswan-libs0 = %{version}
 
 %description sqlite
@@ -206,8 +215,9 @@ This package provides the strongswan sqlite plugin.
 
 %package nm
 Summary:        OpenSource IPsec-based VPN Solution
-Requires:       strongswan-libs0 = %{version}
+Group:          Productivity/Networking/Security
 Requires:       strongswan-ikev2 = %{version}
+Requires:       strongswan-libs0 = %{version}
 Provides:       strongswan-daemon-starter = %{version}
 
 %description nm
@@ -224,6 +234,7 @@ NetworkManager-strongswan graphical user interface.
 %package tests
 
 Summary:        OpenSource IPsec-based VPN Solution
+Group:          Productivity/Networking/Security
 Requires:       strongswan-libs0 = %{version}
 
 %description tests
@@ -238,7 +249,6 @@ and the load testing plugin for IKEv2 daemon.
 %setup -q -n %{name}-%{upstream_version}
 %patch1 -p0
 %patch2 -p0
-%patch3 -p1
 sed -e 's|@libexecdir@|%_libexecdir|g'    \
      < $RPM_SOURCE_DIR/strongswan.init.in \
      > strongswan.init
@@ -318,7 +328,7 @@ cat << EOT > ${RPM_BUILD_ROOT}%{_sysconfdir}/ipsec.secrets
 #
 EOT
 #
-rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{charon,hydra,strongswan,simaka}.so
+rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{charon,hydra,radius,strongswan,simaka}.so
 find  $RPM_BUILD_ROOT%{strongswan_libdir} \
       -name "*.a" -o -name "*.la" | xargs -r rm -f
 #
@@ -441,6 +451,8 @@ fi
 %{strongswan_libdir}/libhydra.so.0.0.0
 %{strongswan_libdir}/libcharon.so.0
 %{strongswan_libdir}/libcharon.so.0.0.0
+%{strongswan_libdir}/libradius.so.0
+%{strongswan_libdir}/libradius.so.0.0.0
 %{strongswan_libdir}/libsimaka.so.0
 %{strongswan_libdir}/libsimaka.so.0.0.0
 %{strongswan_libdir}/libstrongswan.so.0
@@ -452,6 +464,7 @@ fi
 %{strongswan_plugins}/libstrongswan-attr.so
 %{strongswan_plugins}/libstrongswan-attr-sql.so
 %{strongswan_plugins}/libstrongswan-blowfish.so
+%{strongswan_plugins}/libstrongswan-cmac.so
 %{strongswan_plugins}/libstrongswan-constraints.so
 %{strongswan_plugins}/libstrongswan-curl.so
 %{strongswan_plugins}/libstrongswan-des.so
@@ -478,7 +491,6 @@ fi
 %{strongswan_plugins}/libstrongswan-ha.so
 %{strongswan_plugins}/libstrongswan-hmac.so
 %{strongswan_plugins}/libstrongswan-kernel-netlink.so
-%{strongswan_plugins}/libstrongswan-kernel-netlink.so
 %{strongswan_plugins}/libstrongswan-ldap.so
 %{strongswan_plugins}/libstrongswan-md4.so
 %{strongswan_plugins}/libstrongswan-md5.so