diff --git a/.gitignore b/.gitignore
index ec46476..814f529 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 SOURCES/libksba-1.5.1.tar.bz2
+SOURCES/libksba-1.5.1.tar.bz2.sig
diff --git a/.libksba.metadata b/.libksba.metadata
index f7d66c2..2691f58 100644
--- a/.libksba.metadata
+++ b/.libksba.metadata
@@ -1 +1,2 @@
 740ac2551b33110e879aff100c6a6749284daf97 SOURCES/libksba-1.5.1.tar.bz2
+c04e66bd480ff66f811d8e71c06ae5f1421418c0 SOURCES/libksba-1.5.1.tar.bz2.sig
diff --git a/SOURCES/libksba-1.5.1-coverity.patch b/SOURCES/libksba-1.5.1-coverity.patch
index 0baca3e..954a4bd 100644
--- a/SOURCES/libksba-1.5.1-coverity.patch
+++ b/SOURCES/libksba-1.5.1-coverity.patch
@@ -155,3 +155,34 @@ index 1b72bf0..81c31ed 100644
 --
 2.30.2
 
+From 75e94db38ccd9ed166b40fb2d8aaed7c094cff69 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen
+Date: Mon, 12 Feb 2024 09:52:43 +0100
+Subject: [PATCH] der-builder: Fix possible uninitialized variable.
+
+* src/der-builder.c (_ksba_der_builder_get): Initialize ERR.
+
+--
+
+GnuPG-bug-id: 6992
+Signed-off-by: Jakub Jelen
+---
+ src/der-builder.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/der-builder.c b/src/der-builder.c
+index 768bd0f..d136bb8 100644
+--- a/src/der-builder.c
++++ b/src/der-builder.c
+@@ -549,7 +549,7 @@ compute_lengths (ksba_der_t d, int idx)
+ gpg_error_t
+ _ksba_der_builder_get (ksba_der_t d, unsigned char **r_obj, size_t *r_objlen)
+ {
+- gpg_error_t err;
++ gpg_error_t err = 0;
+ int idx;
+ unsigned char *buffer = NULL;
+ unsigned char *p;
+--
+2.45.2
+
diff --git a/SOURCES/libksba-1.5.1.tar.bz2.sig b/SOURCES/libksba-1.5.1.tar.bz2.sig
deleted file mode 100644
index 7dd0848..0000000
Binary files a/SOURCES/libksba-1.5.1.tar.bz2.sig and /dev/null differ
diff --git a/SPECS/libksba.spec b/SPECS/libksba.spec
index 46d6d6d..b2efa80 100644
--- a/SPECS/libksba.spec
+++ b/SPECS/libksba.spec
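Review bot: In the der-builder patch appended to SOURCES/libksba-1.5.1-coverity.patch, `gpg_error_t err = 0;` makes success the default result of `_ksba_der_builder_get`, so any path that reaches the final return without assigning `err` now reports success instead of an indeterminate value. The function body lies outside the hunk, so it cannot be confirmed from here that every such path has also filled `*r_obj` and `*r_objlen`; that is worth checking against the full upstream source before treating the SAST finding as closed. A short comment would record the intent for later readers, e.g. `gpg_error_t err = 0;  /* success unless a later step fails */`.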
@@ -1,7 +1,7 @@ Summary: CMS and X.509 library Name: libksba Version: 1.5.1 -Release: 6%{?dist} +Release: 7%{?dist} # The library is licensed under LGPLv3+ or GPLv2+, # the rest of the package under GPLv3+ @@ -11,6 +11,8 @@ Source0: https://www.gnupg.org/ftp/gcrypt/libksba/libksba-%{version}.tar.bz2 Source1: https://www.gnupg.org/ftp/gcrypt/libksba/libksba-%{version}.tar.bz2.sig Patch1: libksba-1.3.0-multilib.patch +# some patches from previous batches +# https://dev.gnupg.org/T6992 Patch2: libksba-1.5.1-coverity.patch # Fix for CVE-2022-3515 Patch3: libksba-1.5.1-overflow.patch @@ -85,6 +87,9 @@ make check %changelog +* Tue Jul 30 2024 Jakub Jelen - 1.5.1-7 +- Fix SAST reports (RHEL-25067) + * Wed Jan 25 2023 Jakub Jelen - 1.5.1-6 - Fix for CVE-2022-47629 (#2161571)
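Review bot: `Source1` lists the detached signature and this commit moves the `.sig` into the lookaside metadata, but nothing in the visible spec hunks shows the tarball being checked against it. The context around `Source1` and `Patch1` in the second hunk shows no keyring source, and `%prep` lies outside the hunks, so this is inferred rather than certain. If verification is not done elsewhere, consider shipping the upstream keyring as a further `Source` and calling `%{gpgverify} --keyring='%{SOURCE<N>}' --signature='%{SOURCE1}' --data='%{SOURCE0}'` at the top of `%prep` (with `<N>` standing for the keyring's source number), so a tampered tarball fails the build. Separately, the new comment `# some patches from previous batches` would be easier to audit if it said what the patch carries, e.g. `# Coverity/SAST fixes from upstream, including https://dev.gnupg.org/T6992`.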