diff --git a/.gitignore b/.gitignore
index 51aeae3..c4051ad 100644
--- a/.gitignore
+++ b/.gitignore
@@ -59,3 +59,5 @@
 /cryptography-41.0.3-vendor.tar.bz2
 /cryptography-41.0.5-vendor.tar.bz2
 /cryptography-41.0.5.tar.gz
+/cryptography-41.0.7.tar.gz
+/cryptography-41.0.7-vendor.tar.bz2
diff --git a/python-cryptography.spec b/python-cryptography.spec
index 5849991..0f4f843 100644
--- a/python-cryptography.spec
+++ b/python-cryptography.spec
@@ -5,8 +5,8 @@
 %global srcname cryptography
 
 Name:           python-%{srcname}
-Version:        41.0.5
-Release:        4%{?dist}
+Version:        41.0.7
+Release:        1%{?dist}
 Summary:        PyCA's cryptography library
 
 # cryptography is dual licensed under the Apache-2.0 and BSD-3-Clause,
@@ -137,6 +137,9 @@ PYTHONPATH=${PWD}/vectors:%{buildroot}%{python3_sitearch} \
 %{python3_sitearch}/%{srcname}-%{version}-py*.egg-info
 
 %changelog
+* Thu Feb 01 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 41.0.7-1
+- Update to 41.0.7, fixes rhbz#2255351, CVE-2023-49083
+
 * Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 41.0.5-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
 
diff --git a/sources b/sources
index 7c4beae..44bd6ba 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (cryptography-41.0.5.tar.gz) = b647b4f5155437242d7a31d84bd1cdc83284d96d334a3d6169533d597540f525d3f1686bab3a5fe3cb64a4fa6ded5e5d19489dfff0e93d86c274f20e69ca07e9
-SHA512 (cryptography-41.0.5-vendor.tar.bz2) = 67f0575a1ff53bfba01b14f01f79f2442b0971c67c23eb32ebf77813c7a7e22efdcea3ed6926712cb4d875f71b6f21d24c105b3cdad51e24dc84fa3995edd381
+SHA512 (cryptography-41.0.7.tar.gz) = 9a870d45296de6af1331e73b102226b8269892216cd7bc0adfb2f63ce1ca7021d338effd09182128253d8d8df154bbd19d46c47f10ddac86e739fcbf6df78307
+SHA512 (cryptography-41.0.7-vendor.tar.bz2) = dbf750a1ada4a9330939e3dae8311007a9e25808eb64c124c99981187d1bc04baba3a7d3b838c0cd9491e8350c382fb0f789a11abb21c633f2d78e8aba819b9e