diff --git a/.files b/.files
index 75fe4d1..db19bb2 100644
Binary files a/.files and b/.files differ
diff --git a/.rev b/.rev
index fda3667..4d1efe4 100644
--- a/.rev
+++ b/.rev
@@ -715,4 +715,12 @@ numbers for further reference.
     <comment></comment>
     <requestid>793006</requestid>
   </revision>
+  <revision rev="61" vrev="1">
+    <srcmd5>8b89dbe876a77b889496e5dff971818c</srcmd5>
+    <version>2.9.7</version>
+    <time>1587660041</time>
+    <user>dimstar_suse</user>
+    <comment></comment>
+    <requestid>796589</requestid>
+  </revision>
 </revisionlist>
diff --git a/ansible-2.9.6.tar.gz b/ansible-2.9.6.tar.gz
deleted file mode 120000
index 3224f4f..0000000
--- a/ansible-2.9.6.tar.gz
+++ /dev/null
@@ -1 +0,0 @@
-/ipfs/bafybeidzpax3iem5yppjktsngnjpomxklmqegmpergsww4obat7w55tn6a
\ No newline at end of file
diff --git a/ansible-2.9.6.tar.gz.sha b/ansible-2.9.6.tar.gz.sha
deleted file mode 100644
index fb21375..0000000
--- a/ansible-2.9.6.tar.gz.sha
+++ /dev/null
@@ -1 +0,0 @@
-59cf3a0781f89992d1dae5205b07e802dff1db205eebd238de9e503b62b8cbc9  ansible-2.9.6.tar.gz
diff --git a/ansible-2.9.7.tar.gz b/ansible-2.9.7.tar.gz
new file mode 120000
index 0000000..e094546
--- /dev/null
+++ b/ansible-2.9.7.tar.gz
@@ -0,0 +1 @@
+/ipfs/bafybeic32js2q6hfnpcsv2h3ffi4yrokpibpajjl4w7dqw3wytoeh7n3vq
\ No newline at end of file
diff --git a/ansible-2.9.7.tar.gz.sha b/ansible-2.9.7.tar.gz.sha
new file mode 100644
index 0000000..5f3d3f2
--- /dev/null
+++ b/ansible-2.9.7.tar.gz.sha
@@ -0,0 +1 @@
+7222ce925536a25b2912364e13b03a3e21dbf2f96799ebff304f48509324de7b  ansible-2.9.7.tar.gz
diff --git a/ansible.changes b/ansible.changes
index aefd87f..1c389ba 100644
--- a/ansible.changes
+++ b/ansible.changes
@@ -1,4 +1,20 @@
 -------------------------------------------------------------------
+Fri Apr 17 06:49:56 UTC 2020 - Michael Ströder <michael@stroeder.com>
+
+- update to version 2.9.7 with many bug fixes,
+  especially for these security issues:
+  * CVE-2020-1733  - insecure temporary directory when running become_user from become directive
+  * CVE-2020-1735  - path injection on dest parameter in fetch module
+  * CVE-2020-1737  - Extract-Zip function in win_unzip module does not check extracted path
+  * CVE-2020-1739  - svn module leaks password when specified as a parameter
+  * CVE-2020-1740  - secrets readable after ansible-vault edit
+  * CVE-2020-1746  - information disclosure issue in ldap_attr and ldap_entry modules
+  * CVE-2020-1753  - kubectl connection plugin leaks sensitive information [1]
+  * CVE-2020-10684 - code injection when using ansible_facts as a subkey
+  * CVE-2020-10685 - modules which use files encrypted with vault are not properly cleaned up
+  * CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2]
+
+-------------------------------------------------------------------
 Mon Apr  6 20:45:04 UTC 2020 - lars@linux-schulserver.de - 2.9.6
 
 - create missing (empty) template and files directories for 
diff --git a/ansible.spec b/ansible.spec
index 19a77da..52c5a80 100644
--- a/ansible.spec
+++ b/ansible.spec
@@ -55,7 +55,7 @@
 
 
 Name:           ansible
-Version:        2.9.6
+Version:        2.9.7
 Release:        0
 Summary:        SSH-based configuration management, deployment, and task execution system
 License:        GPL-3.0-or-later
