diff --git a/mod_security_crs-rule-941310-dont-match-japanese-word.patch b/mod_security_crs-rule-941310-dont-match-japanese-word.patch
index d93a5d6..e0c4cf9 100644
--- a/mod_security_crs-rule-941310-dont-match-japanese-word.patch
+++ b/mod_security_crs-rule-941310-dont-match-japanese-word.patch
@@ -1,14 +1,67 @@
---- a/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf	2020-07-01 18:38:19.000000000 +0200
-+++ b/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf	2023-02-16 09:14:52.151838881 +0100
-@@ -543,8 +543,11 @@
-     ctl:auditLogParts=+E,\
+diff --git a/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf b/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf
+index a48980c..e675687 100644
+--- a/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf
++++ b/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf
+@@ -524,12 +524,46 @@ SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|ARGS_NAME
+ # US-ASCII encoding bypass listed on XSS filter evasion
+ # Reported by Mazin Ahmed
+ #
++# This evasion covered by this chain of rules is specific to webservers that deliver content in US-ASCII.
++# Only Apache Tomcat is known (according to the page linked above) to be vulnerable to this and probably has to be
++# misconfigured for this to happen.
++#
++# Since US-ASCII is a seven bit encoding, bit 8 is ignored. Consider the following ISO 8859-1 sequence:
++#
++# ¼script¾alert(¢XSS¢)¼/script¾
++#
++# A filter looking for tags will usually not match against this sequence because there are no angle brackets (< / >). However,
++# the characters where the brackets would be are ISO 8859-1 characters:
++# - ¼: 0x00BC
++# - ¾: 0x00BE
++# - ¢: 0x00A2
++#
++# And this is how the sequence looks in in US-ASCII:
++#
++# <script>alert("XSSB")</script/>
++#
++# This enables an attacker to craft a string that will be delivered in a form that a browser will execute as script
++# while being ignored by input filters.
++#
++# This rule looks for start tag sequene that looks like "<...>" (checks fo hex and plain to be sure).
++# Because the bytes matched occur in many different languages encoded as multibyte characters (e.g. UTF-8)
++# (e.g. German umlauts, Russion characters) this isn't very helpful and can cause many false positives. We, therefore,
++# use a chained rule to also look fora an end tag sequence that looks like "</...>". Only if the chained rule matches will
++# the request be blocked.
++#
++# This is of course still not perfect but should at least make it harder to hide most tags using this technique while
++# requiring very specifig patterns in a language to match, which should get rid of most false positives.
++# These rules would, for example, not guard against an element without an end tag, e.g. "<img... />".
++#
++# US-ASCII on Wikipedia: https://en.wikipedia.org/wiki/ASCII
++# ISO 8859-1 on Wikipedia: https://en.wikipedia.org/wiki/ISO/IEC_8859-1
+ 
+ SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|ARGS_NAMES|ARGS|XML:/* "@rx \xbc[^\xbe>]*[\xbe>]|<[^\xbe]*\xbe" \
+     "id:941310,\
+     phase:2,\
+     block,\
+     capture,\
++    chain,\
+     t:none,t:urlDecodeUni,t:lowercase,t:urlDecode,t:htmlEntityDecode,t:jsDecode,\
+     msg:'US-ASCII Malformed Encoding XSS Filter - Attack Detected',\
+     logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}',\
+@@ -540,11 +574,13 @@ SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|ARGS_NAME
+     tag:'paranoia-level/1',\
+     tag:'OWASP_CRS',\
+     tag:'capec/1000/152/242',\
+-    ctl:auditLogParts=+E,\
      ver:'OWASP_CRS/3.3.4',\
-     severity:'CRITICAL',\
+-    severity:'CRITICAL',\
 -    setvar:'tx.xss_score=+%{tx.critical_anomaly_score}',\
 -    setvar:'tx.anomaly_score_pl1=+%{tx.critical_anomaly_score}'"
-+    chain"
-+        SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|ARGS_NAMES|ARGS|REQUEST_FILENAME|XML:/* "@rx [^\xe4]\xbc[^\x9a][^\xbe>]*[^\xe7][^\xa4][\xbe>]|<[^\xbe]*[^\xe7][^\xa4]\xbe" \
++    severity:'CRITICAL'"
++    SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|ARGS_NAMES|ARGS|XML:/* "@rx (?:\xbc\s*/\s*[^\xbe>]*[\xbe>])|(?:<\s*/\s*[^\xbe]*\xbe)" \
 +        "t:none,t:lowercase,t:urlDecode,t:htmlEntityDecode,t:jsDecode,\
++        ctl:auditLogParts=+E,\
 +        setvar:'tx.xss_score=+%{tx.critical_anomaly_score}',\
 +        setvar:'tx.anomaly_score_pl1=+%{tx.critical_anomaly_score}'"
  
diff --git a/mod_security_crs.spec b/mod_security_crs.spec
index ec60bed..716a3bc 100644
--- a/mod_security_crs.spec
+++ b/mod_security_crs.spec
@@ -1,7 +1,7 @@
 Summary: ModSecurity Rules
 Name: mod_security_crs
 Version: 3.3.4
-Release: 3%{?dist}
+Release: 3%{?dist}.1
 License: ASL 2.0
 URL: https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
 Group: System Environment/Daemons
@@ -50,6 +50,10 @@ done
 %{_datarootdir}/mod_modsecurity_crs
 
 %changelog
+* Wed Feb 19 2025 Luboš Uhliarik <luhliari@redhat.com> - 3.3.4-3.1
+- Resolves: RHEL-78711 - A form data, "鹿沼市御成橋"(a name of street/city
+  in Japanese) is forbade by mod_security_crs-3.3.4-3.el8.noarch
+
 * Tue Apr 04 2023 Richard Lescak <rlescak@redhat.com> - 3.3.4-3
 - bump release to enable build
 - Related: rhbz#2040257