diff --git a/.gitignore b/.gitignore
index ba494e6..10bfc66 100644
--- a/.gitignore
+++ b/.gitignore
@@ -34,3 +34,5 @@ gnupg-2.0.16.tar.bz2.sig
 /gnupg-2.1.8.tar.bz2.sig
 /gnupg-2.1.9.tar.bz2
 /gnupg-2.1.9.tar.bz2.sig
+/gnupg-2.1.10.tar.bz2
+/gnupg-2.1.10.tar.bz2.sig
diff --git a/gnupg-2.1.10-build.patch b/gnupg-2.1.10-build.patch
new file mode 100644
index 0000000..3252b90
--- /dev/null
+++ b/gnupg-2.1.10-build.patch
@@ -0,0 +1,56 @@
+diff -up gnupg-2.1.10/dirmngr/Makefile.am.build gnupg-2.1.10/dirmngr/Makefile.am
+--- gnupg-2.1.10/dirmngr/Makefile.am.build	2015-11-30 17:39:52.000000000 +0100
++++ gnupg-2.1.10/dirmngr/Makefile.am	2015-12-07 16:14:06.865576290 +0100
+@@ -131,7 +131,7 @@ endif
+ t_http_SOURCES = t-http.c http.c dns-stuff.c
+ t_http_CFLAGS  = -DWITHOUT_NPTH=1 \
+ 	         $(LIBGCRYPT_CFLAGS) $(NTBTLS_CFLAGS) $(LIBGNUTLS_CFLAGS) \
+-                 $(GPG_ERROR_CFLAGS)
++                 $(GPG_ERROR_CFLAGS) $(LIBASSUAN_CFLAGS)
+ t_http_LDADD   = $(t_common_ldadd) \
+ 	         $(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) $(DNSLIBS)
+ 
+@@ -139,7 +139,7 @@ t_ldap_parse_uri_SOURCES = \
+ 	t-ldap-parse-uri.c ldap-parse-uri.c ldap-parse-uri.h \
+         http.c dns-stuff.c \
+         $(ldap_url) $(t_common_src)
+-t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1
++t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1 $(LIBASSUAN_CFLAGS)
+ t_ldap_parse_uri_LDADD = $(ldaplibs) $(t_common_ldadd) $(DNSLIBS)
+ 
+ t_dns_stuff_CFLAGS = -DWITHOUT_NPTH=1
+diff -up gnupg-2.1.10/dirmngr/Makefile.in.build gnupg-2.1.10/dirmngr/Makefile.in
+--- gnupg-2.1.10/dirmngr/Makefile.in.build	2015-12-04 10:57:05.000000000 +0100
++++ gnupg-2.1.10/dirmngr/Makefile.in	2015-12-07 16:14:06.866576314 +0100
+@@ -608,7 +608,7 @@ module_tests = t-dns-stuff $(am__append_
+ t_http_SOURCES = t-http.c http.c dns-stuff.c
+ t_http_CFLAGS = -DWITHOUT_NPTH=1 \
+ 	         $(LIBGCRYPT_CFLAGS) $(NTBTLS_CFLAGS) $(LIBGNUTLS_CFLAGS) \
+-                 $(GPG_ERROR_CFLAGS)
++                 $(GPG_ERROR_CFLAGS) $(LIBASSUAN_CFLAGS)
+ 
+ t_http_LDADD = $(t_common_ldadd) \
+ 	         $(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) $(DNSLIBS)
+@@ -618,7 +618,7 @@ t_ldap_parse_uri_SOURCES = \
+         http.c dns-stuff.c \
+         $(ldap_url) $(t_common_src)
+ 
+-t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1
++t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1 $(LIBASSUAN_CFLAGS)
+ t_ldap_parse_uri_LDADD = $(ldaplibs) $(t_common_ldadd) $(DNSLIBS)
+ t_dns_stuff_CFLAGS = -DWITHOUT_NPTH=1
+ t_dns_stuff_SOURCES = t-dns-stuff.c dns-stuff.c
+diff -up gnupg-2.1.10/tests/openpgp/gpgtar.test.build gnupg-2.1.10/tests/openpgp/gpgtar.test
+--- gnupg-2.1.10/tests/openpgp/gpgtar.test.build	2015-11-30 17:39:52.000000000 +0100
++++ gnupg-2.1.10/tests/openpgp/gpgtar.test	2015-12-07 16:29:25.625224112 +0100
+@@ -30,6 +30,10 @@ GPGARGS="--trust-model=always"
+ GPGTAR="../../tools/gpgtar"
+ GPGZIP="sh ../../tools/gpg-zip"
+ 
++if [ ! -f "$GPGTAR" ] ; then
++    exit 77
++fi
++
+ for TOOL in "$GPGTAR" "$GPGZIP"
+ do
+     rm -rf -- "${TESTDIR}"
diff --git a/gnupg-2.1.3-file-is-digest.patch b/gnupg-2.1.10-file-is-digest.patch
similarity index 74%
rename from gnupg-2.1.3-file-is-digest.patch
rename to gnupg-2.1.10-file-is-digest.patch
index fb4e34f..ed2bb6c 100644
--- a/gnupg-2.1.3-file-is-digest.patch
+++ b/gnupg-2.1.10-file-is-digest.patch
@@ -1,7 +1,7 @@
-diff -up gnupg-2.1.3/g10/gpg.c.file-is-digest gnupg-2.1.3/g10/gpg.c
---- gnupg-2.1.3/g10/gpg.c.file-is-digest	2015-04-16 17:54:20.327168135 +0200
-+++ gnupg-2.1.3/g10/gpg.c	2015-04-16 17:54:20.330168205 +0200
-@@ -352,6 +352,7 @@ enum cmd_and_opt_values
+diff -up gnupg-2.1.10/g10/gpg.c.file-is-digest gnupg-2.1.10/g10/gpg.c
+--- gnupg-2.1.10/g10/gpg.c.file-is-digest	2015-12-07 15:34:19.552188024 +0100
++++ gnupg-2.1.10/g10/gpg.c	2015-12-07 15:36:56.977904083 +0100
+@@ -355,6 +355,7 @@ enum cmd_and_opt_values
      oTTYtype,
      oLCctype,
      oLCmessages,
@@ -9,23 +9,23 @@ diff -up gnupg-2.1.3/g10/gpg.c.file-is-digest gnupg-2.1.3/g10/gpg.c
      oXauthority,
      oGroup,
      oUnGroup,
-@@ -738,6 +739,7 @@ static ARGPARSE_OPTS opts[] = {
+@@ -754,6 +755,7 @@ static ARGPARSE_OPTS opts[] = {
    ARGPARSE_s_s (oPersonalCompressPreferences,
                                           "personal-compress-preferences", "@"),
    ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
 +  ARGPARSE_s_n (oFileIsDigest, "file-is-digest", "@"),
- 
-   /* Aliases.  I constantly mistype these, and assume other people do
-      as well. */
-@@ -2149,6 +2151,7 @@ main (int argc, char **argv)
+   ARGPARSE_s_s (oWeakDigest, "weak-digest","@"),
+   ARGPARSE_s_n (oUnwrap, "unwrap", "@"),
+   ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"),
+@@ -2484,6 +2486,7 @@ main (int argc, char **argv)
      set_homedir (default_homedir ());
      opt.passphrase_repeat = 1;
      opt.emit_version = 1; /* Limit to the major number.  */
 +    opt.file_is_digest=0;
+     opt.weak_digests = NULL;
+     additional_weak_digest("MD5");
  
-     /* Check whether we have a config file on the command line.  */
-     orig_argc = argc;
-@@ -2661,6 +2664,7 @@ main (int argc, char **argv)
+@@ -3022,6 +3025,7 @@ main (int argc, char **argv)
  	    opt.verify_options&=~VERIFY_SHOW_PHOTOS;
  	    break;
  	  case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
@@ -33,10 +33,10 @@ diff -up gnupg-2.1.3/g10/gpg.c.file-is-digest gnupg-2.1.3/g10/gpg.c
  
  	  case oForceMDC: opt.force_mdc = 1; break;
  	  case oNoForceMDC: opt.force_mdc = 0; break;
-diff -up gnupg-2.1.3/g10/options.h.file-is-digest gnupg-2.1.3/g10/options.h
---- gnupg-2.1.3/g10/options.h.file-is-digest	2015-04-06 13:41:53.000000000 +0200
-+++ gnupg-2.1.3/g10/options.h	2015-04-16 17:54:20.330168205 +0200
-@@ -194,6 +194,7 @@ struct
+diff -up gnupg-2.1.10/g10/options.h.file-is-digest gnupg-2.1.10/g10/options.h
+--- gnupg-2.1.10/g10/options.h.file-is-digest	2015-11-30 17:39:52.000000000 +0100
++++ gnupg-2.1.10/g10/options.h	2015-12-07 15:34:19.555188095 +0100
+@@ -205,6 +205,7 @@ struct
    int no_auto_check_trustdb;
    int preserve_permissions;
    int no_homedir_creation;
@@ -44,9 +44,9 @@ diff -up gnupg-2.1.3/g10/options.h.file-is-digest gnupg-2.1.3/g10/options.h
    struct groupitem *grouplist;
    int mangle_dos_filenames;
    int enable_progress_filter;
-diff -up gnupg-2.1.3/g10/sign.c.file-is-digest gnupg-2.1.3/g10/sign.c
---- gnupg-2.1.3/g10/sign.c.file-is-digest	2015-04-05 19:43:32.000000000 +0200
-+++ gnupg-2.1.3/g10/sign.c	2015-04-16 17:56:08.764693096 +0200
+diff -up gnupg-2.1.10/g10/sign.c.file-is-digest gnupg-2.1.10/g10/sign.c
+--- gnupg-2.1.10/g10/sign.c.file-is-digest	2015-11-30 17:39:52.000000000 +0100
++++ gnupg-2.1.10/g10/sign.c	2015-12-07 15:34:19.555188095 +0100
 @@ -41,6 +41,7 @@
  #include "pkglue.h"
  #include "sysutils.h"
@@ -55,7 +55,7 @@ diff -up gnupg-2.1.3/g10/sign.c.file-is-digest gnupg-2.1.3/g10/sign.c
  
  
  #ifdef HAVE_DOSISH_SYSTEM
-@@ -706,8 +707,12 @@ write_signature_packets (SK_LIST sk_list
+@@ -681,8 +682,12 @@ write_signature_packets (SK_LIST sk_list
            mk_notation_policy_etc (sig, NULL, pk);
          }
  
@@ -70,7 +70,7 @@ diff -up gnupg-2.1.3/g10/sign.c.file-is-digest gnupg-2.1.3/g10/sign.c
  
        rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce);
        gcry_md_close (md);
-@@ -765,6 +770,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
+@@ -740,6 +745,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
      SK_LIST sk_rover = NULL;
      int multifile = 0;
      u32 duration=0;
@@ -79,7 +79,7 @@ diff -up gnupg-2.1.3/g10/sign.c.file-is-digest gnupg-2.1.3/g10/sign.c
  
      pfx = new_progress_context ();
      afx = new_armor_context ();
-@@ -781,7 +788,16 @@ sign_file (ctrl_t ctrl, strlist_t filena
+@@ -756,7 +763,16 @@ sign_file (ctrl_t ctrl, strlist_t filena
  	fname = NULL;
  
      if( fname && filenames->next && (!detached || encryptflag) )
@@ -97,7 +97,7 @@ diff -up gnupg-2.1.3/g10/sign.c.file-is-digest gnupg-2.1.3/g10/sign.c
  
      if(encryptflag==2
         && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek)))
-@@ -802,7 +818,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
+@@ -777,7 +793,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
        goto leave;
  
      /* prepare iobufs */
@@ -106,7 +106,7 @@ diff -up gnupg-2.1.3/g10/sign.c.file-is-digest gnupg-2.1.3/g10/sign.c
  	inp = NULL; /* we do it later */
      else {
        inp = iobuf_open(fname);
-@@ -940,7 +956,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
+@@ -915,7 +931,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
      for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next)
        gcry_md_enable (mfx.md, hash_for (sk_rover->pk));
  
@@ -115,7 +115,7 @@ diff -up gnupg-2.1.3/g10/sign.c.file-is-digest gnupg-2.1.3/g10/sign.c
  	iobuf_push_filter( inp, md_filter, &mfx );
  
      if( detached && !encryptflag)
-@@ -995,6 +1011,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
+@@ -970,6 +986,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
  
      write_status_begin_signing (mfx.md);
  
@@ -124,7 +124,7 @@ diff -up gnupg-2.1.3/g10/sign.c.file-is-digest gnupg-2.1.3/g10/sign.c
      /* Setup the inner packet. */
      if( detached ) {
  	if( multifile ) {
-@@ -1035,6 +1053,45 @@ sign_file (ctrl_t ctrl, strlist_t filena
+@@ -1010,6 +1028,45 @@ sign_file (ctrl_t ctrl, strlist_t filena
  	    if( opt.verbose )
                log_printf ("\n");
  	}
@@ -170,7 +170,7 @@ diff -up gnupg-2.1.3/g10/sign.c.file-is-digest gnupg-2.1.3/g10/sign.c
  	else {
  	    /* read, so that the filter can calculate the digest */
  	    while( iobuf_get(inp) != -1 )
-@@ -1052,8 +1109,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
+@@ -1027,8 +1084,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
  
      /* write the signatures */
      rc = write_signature_packets (sk_list, out, mfx.md,
diff --git a/gnupg-2.0.20-secmem.patch b/gnupg-2.1.10-secmem.patch
similarity index 50%
rename from gnupg-2.0.20-secmem.patch
rename to gnupg-2.1.10-secmem.patch
index 9b115d6..e263509 100644
--- a/gnupg-2.0.20-secmem.patch
+++ b/gnupg-2.1.10-secmem.patch
@@ -1,7 +1,7 @@
-diff -up gnupg-2.0.20/g10/gpg.c.secmem gnupg-2.0.20/g10/gpg.c
---- gnupg-2.0.20/g10/gpg.c.secmem	2013-05-10 14:55:46.000000000 +0200
-+++ gnupg-2.0.20/g10/gpg.c	2013-05-15 14:13:50.989541530 +0200
-@@ -794,7 +794,7 @@ make_libversion (const char *libname, co
+diff -up gnupg-2.1.10/g10/gpg.c.secmem gnupg-2.1.10/g10/gpg.c
+--- gnupg-2.1.10/g10/gpg.c.secmem	2015-12-04 10:53:27.000000000 +0100
++++ gnupg-2.1.10/g10/gpg.c	2015-12-07 15:32:38.922812652 +0100
+@@ -889,7 +889,7 @@ make_libversion (const char *libname, co
  
    if (maybe_setuid)
      {
@@ -10,19 +10,19 @@ diff -up gnupg-2.0.20/g10/gpg.c.secmem gnupg-2.0.20/g10/gpg.c
        maybe_setuid = 0;
      }
    s = getfnc (NULL);
-@@ -898,7 +898,7 @@ build_list (const char *text, char lette
+@@ -1041,7 +1041,7 @@ build_list (const char *text, char lette
    char *string;
  
    if (maybe_setuid)
 -    gcry_control (GCRYCTL_INIT_SECMEM, 0, 0);  /* Drop setuid. */
 +    gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0);  /* Drop setuid. */
  
-   indent = utf8_charcount (text);
+   indent = utf8_charcount (text, -1);
    len = 0;
-diff -up gnupg-2.0.20/sm/gpgsm.c.secmem gnupg-2.0.20/sm/gpgsm.c
---- gnupg-2.0.20/sm/gpgsm.c.secmem	2013-05-10 14:55:49.000000000 +0200
-+++ gnupg-2.0.20/sm/gpgsm.c	2013-05-15 14:11:18.819249598 +0200
-@@ -493,7 +493,7 @@ make_libversion (const char *libname, co
+diff -up gnupg-2.1.10/sm/gpgsm.c.secmem gnupg-2.1.10/sm/gpgsm.c
+--- gnupg-2.1.10/sm/gpgsm.c.secmem	2015-11-30 17:39:52.000000000 +0100
++++ gnupg-2.1.10/sm/gpgsm.c	2015-12-07 15:31:17.226884207 +0100
+@@ -530,7 +530,7 @@ make_libversion (const char *libname, co
  
    if (maybe_setuid)
      {
diff --git a/gnupg2.spec b/gnupg2.spec
index 5a61c00..906fdce 100644
--- a/gnupg2.spec
+++ b/gnupg2.spec
@@ -1,6 +1,6 @@
 Summary: Utility for secure communication and data storage
 Name:    gnupg2
-Version: 2.1.9
+Version: 2.1.10
 Release: 1%{?dist}
 
 License: GPLv3+
@@ -10,11 +10,13 @@ Source1: ftp://ftp.gnupg.org/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.
 # svn export svn://cvs.gnupg.org/gnupg/trunk gnupg2; tar cjf gnupg-<date>svn.tar.bz2 gnupg2
 #Source0: gnupg2-20090809svn.tar.bz2
 Patch1:  gnupg-2.0.20-insttools.patch
-Patch3:  gnupg-2.0.20-secmem.patch
+# needed for compatibility with system FIPS mode
+Patch3:  gnupg-2.1.10-secmem.patch
 # non-upstreamable patch adding file-is-digest option needed for Copr
-Patch4:  gnupg-2.1.3-file-is-digest.patch
+Patch4:  gnupg-2.1.10-file-is-digest.patch
 Patch5:  gnupg-2.1.1-ocsp-keyusage.patch
 Patch6:  gnupg-2.1.1-fips-algo.patch
+Patch7:  gnupg-2.1.10-build.patch
 
 URL:     http://www.gnupg.org/
 
@@ -34,6 +36,8 @@ BuildRequires: npth-devel
 BuildRequires: readline-devel ncurses-devel
 BuildRequires: zlib-devel
 BuildRequires: gnutls-devel
+BuildRequires: sqlite-devel
+BuildRequires: fuse
 
 Requires(post): /sbin/install-info
 Requires(postun): /sbin/install-info
@@ -85,6 +89,7 @@ to the base GnuPG package
 %patch4 -p1 -b .file-is-digest
 %patch5 -p1 -b .keyusage
 %patch6 -p1 -b .fips
+%patch7 -p1 -b .build
 
 # pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
 # Note: this is just the name of the default shared lib to load in scdaemon,
@@ -99,6 +104,7 @@ sed -i -e 's/"libpcsclite\.so"/"%{pcsclib}"/' scd/scdaemon.c
 %configure \
   --disable-rpath \
   --disable-gpgtar \
+  --enable-g13 \
   --enable-standard-socket
 
 # need scratch gpg database for tests
@@ -207,6 +213,9 @@ fi
 
 
 %changelog
+* Mon Dec  7 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.10-1
+- upgrade to 2.1.10
+
 * Mon Oct 12 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.9-1
 - upgrade to 2.1.9
 
diff --git a/sources b/sources
index 1a9799e..df46e80 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-0aabfec527b4b0b11a823c8a8ef9a9ab  gnupg-2.1.9.tar.bz2
-47c2222a4c9ac1e424fedcc76d9e8e70  gnupg-2.1.9.tar.bz2.sig
+f0a7cb09fe119f8b82eba7efecd27dc0  gnupg-2.1.10.tar.bz2
+a57f611b9393e20cc40af6959d3e1084  gnupg-2.1.10.tar.bz2.sig