diff --git a/.gitignore b/.gitignore
index bd4d881..7762561 100644
--- a/.gitignore
+++ b/.gitignore
@@ -44,3 +44,4 @@ varnish-2.1.3.tar.gz
 /varnish-6.4.0.tgz
 /varnish-6.5.0.tgz
 /varnish-6.5.1.tgz
+/varnish-6.5.2.tgz
diff --git a/sources b/sources
index 68e4dc9..9cba1c4 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (varnish-6.5.1.tgz) = 0f34f2c6fe68bfcdba488cda40cc387b3c10343923a75a6a1791c890d20e79c64069697c45720cd5f0cba666d506d3ab6bb814ef4f9120cf0c8519a01144844f
+SHA512 (varnish-6.5.2.tgz) = 31673eaa95e5d3413cd3a4a6fb324c1f0ad2efb22b75409fc0e02c61446787eb167bd530ee5b0a199da4fc76cc36f3603984d86781f856cc6a4aac48260fe4ef
 SHA512 (pkg-varnish-cache-ec7ad9e.tar.gz) = 146aacec76b2ca641bb8bc9dda49e82d28740dbcba034e73a8d39387696f10fa3108ab124a078e900865388217352d112f63f6fe9ef7b23e20bc699441aab4f2
diff --git a/varnish.spec b/varnish.spec
index e41b465..1b0c6c4 100644
--- a/varnish.spec
+++ b/varnish.spec
@@ -22,8 +22,8 @@
 
 Summary: High-performance HTTP accelerator
 Name: varnish
-Version: 6.5.1
-Release: 5%{?dist}
+Version: 6.5.2
+Release: 1%{?dist}
 License: BSD
 URL: https://www.varnish-cache.org/
 Source0: http://varnish-cache.org/_downloads/%{name}-%{version}.tgz
@@ -300,6 +300,12 @@ test -f /etc/varnish/secret || (uuidgen > /etc/varnish/secret && chmod 0600 /etc
 
 
 %changelog
+* Wed Jul 21 2021 Luboš Uhliarik <luhliari@redhat.com> - 6.5.2-1
+- new version 6.5.2
+- Resolves: #1984185 - Rebase varnish to 6.5.2
+- Resolves: #1982858 - CVE-2021-36740 varnish: HTTP/2 request smuggling attack
+  via a large Content-Length header for a POST request 
+
 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 6.5.1-5
 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937