diff --git a/0001-curl-7.87.0-header-file-regression.patch b/0001-curl-7.87.0-header-file-regression.patch
deleted file mode 100644
index 9c479dc..0000000
--- a/0001-curl-7.87.0-header-file-regression.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From 613d3c45879636e88b88fcebee48dc77de345291 Mon Sep 17 00:00:00 2001
-From: Patrick Monnerat <patrick@monnerat.net>
-Date: Fri, 23 Dec 2022 15:35:27 +0100
-Subject: [PATCH] typecheck: accept expressions for option/info parameters
-
-As expressions can have side effects, evaluate only once.
-
-To enable deprecation reporting only once, get rid of the __typeof__
-use to define the local temporary variable and use the target type
-(CURLoption/CURLINFO). This also avoids multiple reports on type
-conflicts (if some) by the curlcheck_* macros.
-
-Note that CURLOPT_* and CURLINFO_* symbols may be deprecated, but not
-their values: a curl_easy_setopt call with an integer constant as option
-will never report a deprecation.
-
-Reported-by: Thomas Klausner
-Fixes #10148
-Closes #10149
-
-Upstream-commit: e2aed004302e51cfa5b6ce8c8ab65ef92aa83196
-Signed-off-by: Kamil Dudka <kdudka@redhat.com>
----
- include/curl/typecheck-gcc.h | 6 ++----
- 1 file changed, 2 insertions(+), 4 deletions(-)
-
-diff --git a/include/curl/typecheck-gcc.h b/include/curl/typecheck-gcc.h
-index bf655bb..85aa8b7 100644
---- a/include/curl/typecheck-gcc.h
-+++ b/include/curl/typecheck-gcc.h
-@@ -42,9 +42,8 @@
-  */
- #define curl_easy_setopt(handle, option, value)                         \
-   __extension__({                                                       \
--      CURL_IGNORE_DEPRECATION(__typeof__(option) _curl_opt = option;)   \
-+      CURLoption _curl_opt = (option);                                  \
-       if(__builtin_constant_p(_curl_opt)) {                             \
--        (void) option;                                                  \
-         CURL_IGNORE_DEPRECATION(                                        \
-           if(curlcheck_long_option(_curl_opt))                          \
-             if(!curlcheck_long(value))                                  \
-@@ -120,9 +119,8 @@
- /* wraps curl_easy_getinfo() with typechecking */
- #define curl_easy_getinfo(handle, info, arg)                            \
-   __extension__({                                                       \
--      CURL_IGNORE_DEPRECATION(__typeof__(info) _curl_info = info;)      \
-+      CURLINFO _curl_info = (info);                                     \
-       if(__builtin_constant_p(_curl_info)) {                            \
--        (void) info;                                                    \
-         CURL_IGNORE_DEPRECATION(                                        \
-           if(curlcheck_string_info(_curl_info))                         \
-             if(!curlcheck_arr((arg), char *))                           \
--- 
-2.39.0
-
diff --git a/curl.spec b/curl.spec
index 61f3004..7207a18 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
-Version: 7.87.0
-Release: 4%{?dist}
+Version: 7.88.0
+Release: 1%{?dist}
 License: MIT
 Source0: https://curl.se/download/%{name}-%{version}.tar.xz
 Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
@@ -10,9 +10,6 @@ Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
 # which points to the GPG key as of April 7th 2016 of https://daniel.haxx.se/mykey.asc
 Source2: mykey.asc
 
-# fix regression in a public header file (#2162716)
-Patch1:   0001-curl-7.87.0-header-file-regression.patch
-
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch
 
@@ -200,7 +197,6 @@ be installed.
 %setup -q
 
 # upstream patches
-%patch1 -p1
 
 # Fedora patches
 %patch101 -p1
@@ -435,6 +431,12 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
 
 %changelog
+* Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.0-1
+- new upstream release, which fixes the following vulnerabilities
+    CVE-2023-23916 - HTTP multi-header compression denial of service
+    CVE-2023-23915 - HSTS amnesia with --parallel
+    CVE-2023-23914 - HSTS ignored on multiple requests
+
 * Fri Jan 20 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-4
 - fix regression in a public header file (#2162716)
 
diff --git a/sources b/sources
index 7906eb7..5c159bb 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (curl-7.87.0.tar.xz) = aa125991592667280dce3788aabe81487cf8c55b0afc59d675cc30b76055bb7114f5380b4a0e3b6461a8f81bf9812fa26d493a85f7e01d84263d484a0d699ee7
-SHA512 (curl-7.87.0.tar.xz.asc) = 0bcc12bafc4ae50d80128af2cf4bf1a1ec6018ebb8d5b9c49f52b51c0c25acc77e820858965656549ef43c1f923f4e5fe75b0a3523623154b4cfb9dc8a1d76e4
+SHA512 (curl-7.88.0.tar.xz) = 2008cbc67694f746b7449f087a19b2a9a4950333d6bac1cdc7d80351aa38d8d9b442087dedbc7b0909a419d3b10f510521c942aac012d04a53c32bdb15dce5f0
+SHA512 (curl-7.88.0.tar.xz.asc) = 6f3d9a5f8fcec64652f872adf994ff3d0162fba1b483a0e359522173bf29ef3d26eeda7c328207fa1fa974a45e62674a3a8ebec21830ab3981b56851d5804ade