diff --git a/samba.spec b/samba.spec
index 2512c6e..e99558b 100644
--- a/samba.spec
+++ b/samba.spec
@@ -135,7 +135,7 @@
 %define samba_requires_eq()  %(LC_ALL="C" echo '%*' | xargs -r rpm -q --qf 'Requires: %%{name} = %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not")
 
 %global samba_version 4.17.4
-%global baserelease 100
+%global baserelease 101
 # This should be rc1 or %%nil
 %global pre_release %nil
 
@@ -173,7 +173,7 @@
 %global tevent_version 0.13.0
 %global ldb_version 2.6.1
 
-%global required_mit_krb5 1.19
+%global required_mit_krb5 1.20.1
 
 # This is a network daemon, do a hardened build
 # Enables PIE and full RELRO protection
@@ -4335,6 +4335,9 @@ fi
 %endif
 
 %changelog
+* Wed Dec 21 2022 Pavel Filipenský <pfilipenn@redhat.com> - 4.17.4-101
+- related: rhbz#2131993 - Rebuild for MIT Kerberos 1.20.1
+
 * Mon Dec 19 2022 Pavel Filipenský <pfilipen@redhat.com> - 4.17.4-100
 - related: rhbz#2131993 - Update to version 4.17.4
 - resolves: rhbz#2154373 - Fix CVE-2022-38023