diff --git a/tar-1.15.1-CVE-2001-1267.patch b/tar-1.15.1-CVE-2001-1267.patch
deleted file mode 100644
index 9836388..0000000
--- a/tar-1.15.1-CVE-2001-1267.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- src/names.c
-+++ src/names.c
-@@ -1152,11 +1152,10 @@
-       if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) || !p[2]))
- 	return 1;
- 
--      do
-+      while (! ISSLASH (*p))
- 	{
- 	  if (! *p++)
- 	    return 0;
- 	}
--      while (! ISSLASH (*p));
-     }
- }
diff --git a/tar-1.17-paxlib-owl-alloca.patch b/tar-1.17-paxlib-owl-alloca.patch
deleted file mode 100644
index cc86091..0000000
--- a/tar-1.17-paxlib-owl-alloca.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-Patch from Sergey Poznyakoff <gray@mirddin.farlep.net> for cpio
-based on patch:
-2007-08-15  Dmitry V. Levin <ldv@owl.openwall.com>
-
-        Do not use alloca to avoid stack overflow with untrusted input.
-
-        * lib/paxnames.c (hash_string_insert_direct): New function.
-        (hash_string_insert): Use it.
-        (hash_string_insert_data): New function.
-        (safer_name_suffix): Use it instead of hash_string_insert()
-        and alloca().
-
-Index: lib/paxnames.c
-===================================================================
---- lib/paxnames.c.orig
-+++ lib/paxnames.c
-@@ -36,15 +36,27 @@ hash_string_compare (void const *name1, 
-   return strcmp (name1, name2) == 0;
- }
- 
--/* Return zero if TABLE contains a copy of STRING; otherwise, insert a
--   copy of STRING to TABLE and return 1.  */
--bool
--hash_string_insert (Hash_table **table, char const *string)
-+/* Return zero if TABLE contains a LEN-character long prefix of STRING,
-+   otherwise, insert a newly allocated copy of this prefix to TABLE and
-+   return 1.  If RETURN_PREFIX is not NULL, point it to the allocated
-+   copy. */
-+static bool
-+hash_string_insert_prefix (Hash_table **table, char const *string, size_t len,
-+                          const char **return_prefix)
- {
-   Hash_table *t = *table;
--  char *s = xstrdup (string);
-+  char *s;
-   char *e;
- 
-+  if (len)
-+    {
-+      s = xmalloc (len + 1);
-+      memcpy (s, string, len);
-+      s[len] = 0;
-+    }
-+  else
-+    s = xstrdup (string);
-+
-   if (! ((t
- 	  || (*table = t = hash_initialize (0, 0, hash_string_hasher,
- 					    hash_string_compare, 0)))
-@@ -52,7 +64,11 @@ hash_string_insert (Hash_table **table, 
-     xalloc_die ();
- 
-   if (e == s)
--    return 1;
-+    {
-+      if (return_prefix)
-+       *return_prefix = s;
-+      return 1;
-+    }
-   else
-     {
-       free (s);
-@@ -60,6 +76,14 @@ hash_string_insert (Hash_table **table, 
-     }
- }
- 
-+/* Return zero if TABLE contains a copy of STRING; otherwise, insert a
-+   copy of STRING to TABLE and return 1.  */
-+bool
-+hash_string_insert (Hash_table **table, char const *string)
-+{
-+  return hash_string_insert_prefix (table, string, 0, NULL);
-+}
-+
- /* Return 1 if TABLE contains STRING.  */
- bool
- hash_string_lookup (Hash_table const *table, char const *string)
-@@ -88,7 +112,8 @@ removed_prefixes_p (void)
-    If ABSOLUTE_NAMES is 0, strip filesystem prefix from the file name. */
- 
- char *
--safer_name_suffix (char const *file_name, bool link_target, bool absolute_names)
-+safer_name_suffix (char const *file_name, bool link_target,
-+                  bool absolute_names)
- {
-   char const *p;
- 
-@@ -121,11 +146,9 @@ safer_name_suffix (char const *file_name
- 
-       if (prefix_len)
- 	{
--	  char *prefix = alloca (prefix_len + 1);
--	  memcpy (prefix, file_name, prefix_len);
--	  prefix[prefix_len] = '\0';
--
--	  if (hash_string_insert (&prefix_table[link_target], prefix))
-+         const char *prefix;
-+         if (hash_string_insert_prefix (&prefix_table[link_target], file_name,
-+                                        prefix_len, &prefix))
- 	    {
- 	      static char const *const diagnostic[] =
- 	      {
diff --git a/tar-1.18.tar.bz2 b/tar-1.18.tar.bz2
deleted file mode 100644
index d35f090..0000000
--- a/tar-1.18.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:44944ee0427c8e0d8dbaa0b8f900073a7456819610cc521c53630c3eb117cf5e
-size 1877207
diff --git a/tar-1.19.tar.bz2 b/tar-1.19.tar.bz2
new file mode 100644
index 0000000..942a5d5
--- /dev/null
+++ b/tar-1.19.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c690d46da77b1ee07b7c758de46d6d07da698a75e63ed3e8f83e3fca8f809cb4
+size 1882486
diff --git a/tar.changes b/tar.changes
index 371f60e..558a5ce 100644
--- a/tar.changes
+++ b/tar.changes
@@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Wed Nov 14 18:09:03 CET 2007 - mkoenig@suse.de
+
+- update to version 1.19
+  * New option --exclude-vcs
+  * --exclude-tag and --exclude-cache options now work under
+    incremental archives
+  * Fix handling of renamed files in listed incremental archives
+  * Fix --version output
+  * Recognition of broken archives
+- merged patches:
+  tar-1.15.1-CVE-2001-1267.patch
+  tar-1.17-paxlib-owl-alloca.patch 
+
 -------------------------------------------------------------------
 Fri Oct  5 16:06:49 CEST 2007 - mkoenig@suse.de
 
diff --git a/tar.spec b/tar.spec
index 46a585e..5786cfe 100644
--- a/tar.spec
+++ b/tar.spec
@@ -1,5 +1,5 @@
 #
-# spec file for package tar (Version 1.18)
+# spec file for package tar (Version 1.19)
 #
 # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # This file and all modifications and additions to the pristine
@@ -18,16 +18,13 @@ Group:          System/Base
 Provides:       base:/bin/tar
 PreReq:         %install_info_prereq
 AutoReqProv:    on
-Version:        1.18
+Version:        1.19
 Release:        1
 Summary:        GNU implementation of tar ((t)ape (ar)chiver)
 Source0:        %name-%version.tar.bz2
 Patch0:         tar-disable_languages.patch
 Patch1:         tar-disable-listed02-test.diff
 Patch2:         tar-manpage.patch
-#Patch3:         tar-1.17-testsuite12.patch	
-Patch4:         tar-1.17-paxlib-owl-alloca.patch	
-Patch5:         tar-1.15.1-CVE-2001-1267.patch
 Patch6:         tar-gcc43.patch	
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %define _bindir  /bin
@@ -67,8 +64,6 @@ Authors:
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
-%patch4
-%patch5 -p0
 %patch6
 
 %build
@@ -109,6 +104,17 @@ rm -r %buildroot/usr/libexec
 %clean
 rm -rf $RPM_BUILD_ROOT
 %changelog
+* Wed Nov 14 2007 - mkoenig@suse.de
+- update to version 1.19
+  * New option --exclude-vcs
+  * --exclude-tag and --exclude-cache options now work under
+  incremental archives
+  * Fix handling of renamed files in listed incremental archives
+  * Fix --version output
+  * Recognition of broken archives
+- merged patches:
+  tar-1.15.1-CVE-2001-1267.patch
+  tar-1.17-paxlib-owl-alloca.patch
 * Fri Oct 05 2007 - mkoenig@suse.de
 - update to version 1.18
   Licensed under the GPLv3