diff --git a/java-1.8.0-openjdk.spec b/java-1.8.0-openjdk.spec
index 96bf3bd..6bbd0a4 100644
--- a/java-1.8.0-openjdk.spec
+++ b/java-1.8.0-openjdk.spec
@@ -260,7 +260,7 @@
 %global updatever       %(VERSION=%{whole_update}; echo ${VERSION##*u})
 # eg jdk8u60-b27 -> b27
 %global buildver        %(VERSION=%{version_tag}; echo ${VERSION##*-})
-%global rpmrelease      1
+%global rpmrelease      2
 # Define milestone (EA for pre-releases, GA ("fcs") for releases)
 # Release will be (where N is usually a number starting at 1):
 # - 0.N%%{?extraver}%%{?dist} for EA releases,
@@ -1286,9 +1286,6 @@ Patch512: rh1649664-awt2dlibraries_compiled_with_no_strict_overflow.patch
 Patch523: pr2974-rh1337583-add_systemlineendings_option_to_keytool_and_use_line_separator_instead_of_crlf_in_pkcs10.patch
 # PR3083, RH1346460: Regression in SSL debug output without an ECC provider
 Patch528: pr3083-rh1346460-for_ssl_debug_return_null_instead_of_exception_when_theres_no_ecc_provider.patch
-# RH1566890: CVE-2018-3639
-Patch529: rh1566890-CVE_2018_3639-speculative_store_bypass.patch
-Patch531: rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch
 # PR3601: Fix additional -Wreturn-type issues introduced by 8061651
 Patch530: pr3601-fix_additional_Wreturn_type_issues_introduced_by_8061651_for_prims_jvm_cpp.patch
 # PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
@@ -1298,6 +1295,8 @@ Patch539: pr2888-openjdk_should_check_for_system_cacerts_database_eg_etc_pki_jav
 Patch400: pr3183-rh1340845-support_fedora_rhel_system_crypto_policy.patch
 # PR3655: Allow use of system crypto policy to be disabled by the user
 Patch401: pr3655-toggle_system_crypto_policy.patch
+# enable build of spectre/meltdown hardened alt-java
+Patch600: rh1750419-redhat_alt_java.patch
 # JDK-8218811: replace open by os::open in hotspot coding
 # This fixes a GCC 10 build issue
 Patch111: jdk8218811-perfMemory_linux.patch
@@ -1725,8 +1724,6 @@ sh %{SOURCE12}
 %patch512
 %patch523
 %patch528
-%patch529
-%patch531
 %patch530
 %patch571
 %patch574
@@ -1738,6 +1735,7 @@ sh %{SOURCE12}
 
 # RPM-only fixes
 %patch539
+%patch600
 %patch1000
 
 # RHEL-only patches
@@ -1941,11 +1939,8 @@ install -m 644 nss.cfg $JAVA_HOME/jre/lib/security/
 rm $JAVA_HOME/jre/lib/tzdb.dat
 ln -s %{_datadir}/javazi-1.8/tzdb.dat $JAVA_HOME/jre/lib/tzdb.dat
 
-# Create fake alt-java as a placeholder for future alt-java
-pushd ${JAVA_HOME}
-cp -a jre/bin/java jre/bin/%{alt_java_name}
-cp -a bin/java bin/%{alt_java_name}
 # add alt-java man page
+pushd ${JAVA_HOME}
 echo "Hardened java binary recommended for launching untrusted code from the Web e.g. javaws" > man/man1/%{alt_java_name}.1
 cat man/man1/java.1 >> man/man1/%{alt_java_name}.1
 popd
@@ -2425,6 +2420,14 @@ require "copy_jdk_configs.lua"
 %endif
 
 %changelog
+* Fri Nov 27 2020 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.275.b01-2
+- added patch600, rh1750419-redhat_alt_java.patch 
+- Replaced alt-java palceholder by real pathced alt-java
+- remove patch529 rh1566890-CVE_2018_3639-speculative_store_bypass.patch
+- remove patch531 rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch
+- both suprassed by new patch
+
+
 * Mon Nov 23 2020 Jiri Vanek <jvanek@redhat.com> - 1:1.8.0.275.b01-1
 - Created copy of java as alt-java and adapted alternatives and man pages
 
diff --git a/rh1566890-CVE_2018_3639-speculative_store_bypass.patch b/rh1566890-CVE_2018_3639-speculative_store_bypass.patch
deleted file mode 100644
index d8f3a5a..0000000
--- a/rh1566890-CVE_2018_3639-speculative_store_bypass.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-diff --git openjdk.orig/hotspot/src/os/linux/vm/os_linux.cpp openjdk/hotspot/src/os/linux/vm/os_linux.cpp
---- openjdk.orig/hotspot/src/os/linux/vm/os_linux.cpp
-+++ openjdk/hotspot/src/os/linux/vm/os_linux.cpp
-@@ -103,6 +103,8 @@
- # include <inttypes.h>
- # include <sys/ioctl.h>
- 
-+#include <sys/prctl.h>
-+
- PRAGMA_FORMAT_MUTE_WARNINGS_FOR_GCC
- 
- #ifndef _GNU_SOURCE
-@@ -4997,6 +4999,31 @@
-   }
- }
- 
-+/* Per task speculation control */
-+#ifndef PR_GET_SPECULATION_CTRL
-+#define PR_GET_SPECULATION_CTRL    52
-+#endif
-+#ifndef PR_SET_SPECULATION_CTRL
-+#define PR_SET_SPECULATION_CTRL    53
-+#endif
-+/* Speculation control variants */
-+# undef PR_SPEC_STORE_BYPASS
-+# define PR_SPEC_STORE_BYPASS          0
-+/* Return and control values for PR_SET/GET_SPECULATION_CTRL */
-+# undef PR_SPEC_NOT_AFFECTED
-+# undef PR_SPEC_PRCTL
-+# undef PR_SPEC_ENABLE
-+# undef PR_SPEC_DISABLE
-+# define PR_SPEC_NOT_AFFECTED          0
-+# define PR_SPEC_PRCTL                 (1UL << 0)
-+# define PR_SPEC_ENABLE                (1UL << 1)
-+# define PR_SPEC_DISABLE               (1UL << 2)
-+
-+static void set_speculation() __attribute__((constructor));
-+static void set_speculation() {
-+  prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0);
-+}
-+
- // this is called _before_ most of the global arguments have been parsed
- void os::init(void) {
-   char dummy;   /* used to get a guess on initial stack address */
diff --git a/rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch b/rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch
deleted file mode 100644
index 94ef9d4..0000000
--- a/rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-diff --git openjdk.orig/hotspot/src/os/linux/vm/os_linux.cpp openjdk/hotspot/src/os/linux/vm/os_linux.cpp
---- openjdk.orig/hotspot/src/os/linux/vm/os_linux.cpp
-+++ openjdk/hotspot/src/os/linux/vm/os_linux.cpp
-@@ -5001,26 +5001,43 @@
- 
- /* Per task speculation control */
- #ifndef PR_GET_SPECULATION_CTRL
--#define PR_GET_SPECULATION_CTRL    52
-+# define PR_GET_SPECULATION_CTRL    52
- #endif
- #ifndef PR_SET_SPECULATION_CTRL
--#define PR_SET_SPECULATION_CTRL    53
-+# define PR_SET_SPECULATION_CTRL    53
- #endif
- /* Speculation control variants */
--# undef PR_SPEC_STORE_BYPASS
-+#ifndef PR_SPEC_STORE_BYPASS
- # define PR_SPEC_STORE_BYPASS          0
-+#endif
- /* Return and control values for PR_SET/GET_SPECULATION_CTRL */
--# undef PR_SPEC_NOT_AFFECTED
--# undef PR_SPEC_PRCTL
--# undef PR_SPEC_ENABLE
--# undef PR_SPEC_DISABLE
-+
-+#ifndef PR_SPEC_NOT_AFFECTED
- # define PR_SPEC_NOT_AFFECTED          0
-+#endif
-+#ifndef PR_SPEC_PRCTL
- # define PR_SPEC_PRCTL                 (1UL << 0)
-+#endif
-+#ifndef PR_SPEC_ENABLE
- # define PR_SPEC_ENABLE                (1UL << 1)
-+#endif
-+#ifndef PR_SPEC_DISABLE
- # define PR_SPEC_DISABLE               (1UL << 2)
-+#endif
-+#ifndef PR_SPEC_FORCE_DISABLE
-+# define PR_SPEC_FORCE_DISABLE         (1UL << 3)
-+#endif
-+#ifndef PR_SPEC_DISABLE_NOEXEC
-+# define PR_SPEC_DISABLE_NOEXEC        (1UL << 4)
-+#endif
- 
- static void set_speculation() __attribute__((constructor));
- static void set_speculation() {
-+  if ( prctl(PR_SET_SPECULATION_CTRL,
-+             PR_SPEC_STORE_BYPASS,
-+             PR_SPEC_DISABLE_NOEXEC, 0, 0) == 0 ) {
-+    return;
-+  }
-   prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0);
- }
- 
diff --git a/rh1750419-redhat_alt_java.patch b/rh1750419-redhat_alt_java.patch
new file mode 100644
index 0000000..5a7b2d8
--- /dev/null
+++ b/rh1750419-redhat_alt_java.patch
@@ -0,0 +1,115 @@
+diff -r 25e94aa812b2 make/CompileLaunchers.gmk
+--- openjdk/jdk/make/CompileLaunchers.gmk	Wed Feb 05 12:20:36 2020 -0300
++++ openjdk/jdk/make/CompileLaunchers.gmk	Tue Jun 02 17:15:28 2020 +0100
+@@ -234,6 +234,20 @@
+ 
+ BUILD_LAUNCHERS += $(JDK_OUTPUTDIR)/bin$(OUTPUT_SUBDIR)/java$(EXE_SUFFIX)
+ 
++$(eval $(call SetupLauncher,alt-java, \
++    -DEXPAND_CLASSPATH_WILDCARDS -DREDHAT_ALT_JAVA,,,user32.lib comctl32.lib, \
++    $(JDK_OUTPUTDIR)/objs/jli_static.lib, $(JAVA_RC_FLAGS), \
++    $(JDK_TOPDIR)/src/windows/resource/java.rc, $(JDK_OUTPUTDIR)/objs/java_objs,true))
++
++$(JDK_OUTPUTDIR)/bin$(OUTPUT_SUBDIR)/alt-java$(EXE_SUFFIX): $(BUILD_LAUNCHER_alt-java)
++	$(MKDIR) -p $(@D)
++	$(RM) $@
++	$(CP) $(JDK_OUTPUTDIR)/objs/java_objs$(OUTPUT_SUBDIR)/alt-java$(EXE_SUFFIX) $@
++
++ifeq ($(OPENJDK_TARGET_OS), linux)
++  BUILD_LAUNCHERS += $(JDK_OUTPUTDIR)/bin$(OUTPUT_SUBDIR)/alt-java$(EXE_SUFFIX)
++endif
++
+ ifeq ($(OPENJDK_TARGET_OS), windows)
+   $(eval $(call SetupLauncher,javaw, \
+       -DJAVAW -DEXPAND_CLASSPATH_WILDCARDS,,,user32.lib comctl32.lib, \
+diff -r 25e94aa812b2 src/share/bin/alt_main.h
+--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
++++ openjdk/jdk/src/share/bin/alt_main.h	Tue Jun 02 17:15:28 2020 +0100
+@@ -0,0 +1,73 @@
++/*
++ * Copyright (c) 2019, Red Hat, Inc. All rights reserved.
++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
++ *
++ * This code is free software; you can redistribute it and/or modify it
++ * under the terms of the GNU General Public License version 2 only, as
++ * published by the Free Software Foundation.  Oracle designates this
++ * particular file as subject to the "Classpath" exception as provided
++ * by Oracle in the LICENSE file that accompanied this code.
++ *
++ * This code is distributed in the hope that it will be useful, but WITHOUT
++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
++ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
++ * version 2 for more details (a copy is included in the LICENSE file that
++ * accompanied this code).
++ *
++ * You should have received a copy of the GNU General Public License version
++ * 2 along with this work; if not, write to the Free Software Foundation,
++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
++ *
++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
++ * or visit www.oracle.com if you need additional information or have any
++ * questions.
++ */
++
++#ifdef REDHAT_ALT_JAVA
++
++#include <sys/prctl.h>
++
++
++/* Per task speculation control */
++#ifndef PR_GET_SPECULATION_CTRL
++# define PR_GET_SPECULATION_CTRL    52
++#endif
++#ifndef PR_SET_SPECULATION_CTRL
++# define PR_SET_SPECULATION_CTRL    53
++#endif
++/* Speculation control variants */
++#ifndef PR_SPEC_STORE_BYPASS
++# define PR_SPEC_STORE_BYPASS          0
++#endif
++/* Return and control values for PR_SET/GET_SPECULATION_CTRL */
++
++#ifndef PR_SPEC_NOT_AFFECTED
++# define PR_SPEC_NOT_AFFECTED          0
++#endif
++#ifndef PR_SPEC_PRCTL
++# define PR_SPEC_PRCTL                 (1UL << 0)
++#endif
++#ifndef PR_SPEC_ENABLE
++# define PR_SPEC_ENABLE                (1UL << 1)
++#endif
++#ifndef PR_SPEC_DISABLE
++# define PR_SPEC_DISABLE               (1UL << 2)
++#endif
++#ifndef PR_SPEC_FORCE_DISABLE
++# define PR_SPEC_FORCE_DISABLE         (1UL << 3)
++#endif
++#ifndef PR_SPEC_DISABLE_NOEXEC
++# define PR_SPEC_DISABLE_NOEXEC        (1UL << 4)
++#endif
++
++static void set_speculation() __attribute__((constructor));
++static void set_speculation() {
++  if ( prctl(PR_SET_SPECULATION_CTRL,
++             PR_SPEC_STORE_BYPASS,
++             PR_SPEC_DISABLE_NOEXEC, 0, 0) == 0 ) {
++    return;
++  }
++  prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0);
++}
++
++#endif // REDHAT_ALT_JAVA
+diff -r 25e94aa812b2 src/share/bin/main.c
+--- openjdk/jdk/src/share/bin/main.c	Wed Feb 05 12:20:36 2020 -0300
++++ openjdk/jdk/src/share/bin/main.c	Tue Jun 02 17:15:28 2020 +0100
+@@ -32,6 +32,10 @@
+ 
+ #include "defines.h"
+ 
++#if defined(linux) && defined(__x86_64)
++#include "alt_main.h"
++#endif
++
+ #ifdef _MSC_VER
+ #if _MSC_VER > 1400 && _MSC_VER < 1600
+