diff --git a/.cvsignore b/.cvsignore
index 979e26b..70e087b 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-gnutls-2.6.2-nosrp.tar.bz2
+gnutls-2.6.3-nosrp.tar.bz2
diff --git a/gnutls-2.6.2-chain-verify.patch b/gnutls-2.6.2-chain-verify.patch
deleted file mode 100644
index 529b160..0000000
--- a/gnutls-2.6.2-chain-verify.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff -up gnutls-2.6.2/lib/x509/verify.c.chain-verify gnutls-2.6.2/lib/x509/verify.c
---- gnutls-2.6.2/lib/x509/verify.c.chain-verify	2008-11-12 15:01:46.000000000 +0100
-+++ gnutls-2.6.2/lib/x509/verify.c	2008-12-04 14:35:52.000000000 +0100
-@@ -374,6 +374,17 @@ _gnutls_x509_verify_certificate (const g
-   int i = 0, ret;
-   unsigned int status = 0, output;
- 
-+  /* Check if the last certificate in the path is self signed.
-+   * In that case ignore it (a certificate is trusted only if it
-+   * leads to a trusted party by us, not the server's).
-+   */
-+  if (clist_size > 1 &&
-+      gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
-+				    certificate_list[clist_size - 1]) > 0)
-+    {
-+      clist_size--;
-+    }
-+
-   /* Verify the last certificate in the certificate path
-    * against the trusted CA certificate list.
-    *
diff --git a/gnutls.spec b/gnutls.spec
index 112b6b6..72eedeb 100644
--- a/gnutls.spec
+++ b/gnutls.spec
@@ -1,6 +1,6 @@
 Summary: A TLS protocol implementation
 Name: gnutls
-Version: 2.6.2
+Version: 2.6.3
 Release: 1%{?dist}
 # The libgnutls library is LGPLv2+, utilities and remaining libraries are GPLv3+
 License: GPLv3+ and LGPLv2+
@@ -16,7 +16,6 @@ URL: http://www.gnutls.org/
 Source0: %{name}-%{version}-nosrp.tar.bz2
 Source1: libgnutls-config
 Patch1: gnutls-2.6.2-nosrp.patch
-Patch5: gnutls-2.6.2-chain-verify.patch
 
 BuildRoot:  %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires: libgcrypt >= 1.2.2
@@ -69,7 +68,6 @@ This package contains Guile bindings for the library.
 %prep
 %setup -q
 %patch1 -p1 -b .nosrp
-%patch5 -p1 -b .chain-verify
 
 for i in auth_srp_rsa.c auth_srp_sb64.c auth_srp_passwd.c auth_srp.c gnutls_srp.c ext_srp.c; do
     touch lib/$i
@@ -142,6 +140,7 @@ fi
 %{_bindir}/psktool
 %{_bindir}/gnutls*
 %{_mandir}/man1/*
+%doc doc/certtool.cfg
 
 %files guile
 %defattr(-,root,root,-)
@@ -150,6 +149,9 @@ fi
 %{_datadir}/guile/site/gnutls.scm
 
 %changelog
+* Mon Dec 15 2008 Tomas Mraz <tmraz@redhat.com> 2.6.3-1
+- upgrade to a new upstream version
+
 * Thu Dec  4 2008 Tomas Mraz <tmraz@redhat.com> 2.6.2-1
 - upgrade to a new upstream version
 
diff --git a/sources b/sources
index 9fd6cc3..ba1afc5 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-b74cfcc8af6a81fa3a51fc798660af0b  gnutls-2.6.2-nosrp.tar.bz2
+4220e4d71c1ce663aa462a0477768a2d  gnutls-2.6.3-nosrp.tar.bz2