diff --git a/libssh-0.11.2.tar.xz b/libssh-0.11.2.tar.xz
new file mode 100644
index 0000000000000000000000000000000000000000..52f87a23d94ebc9df91fef0b6a6e445fead03683
Binary files /dev/null and b/libssh-0.11.2.tar.xz differ
diff --git a/libssh-0.11.2.tar.xz.asc b/libssh-0.11.2.tar.xz.asc
new file mode 100644
index 0000000000000000000000000000000000000000..14ce1804a91f283f9cebbd431dd500a2d631253c
--- /dev/null
+++ b/libssh-0.11.2.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEiKIo2JsHwsd9DHgJA9XfjP3T6OcFAmhaqdkACgkQA9XfjP3T
+6Oe5xA/+LkbLEPKgNRKMFbXZX2UIyotnFUbZ2o0bujswAxGPqY2paYDHuA5njjKD
+b9I7WGKstrlywyDr3c+fBSak4uRkLgV7vb6GfjSTXwUoqCwXkUqjVMSO58iSnblZ
+gjuRglsL0dgTd6jF+LCGqD5JMDNk2spvK0xD/8i53MCqaLv2ysevR1Q2osaw8Hca
+AM3kHoCRK1TR2gDMLDoX9zSh0UrbHj7o5yG7KBTFoXJsJeR6OtTir72RVTuro8v7
+8rT1nWbEcgIk/W9+5k7fVuIZc7w1wHqkX8Rj3aubKsLLPPRRJ0Yy7eCRJ26i3d5J
+51NlmkjrXzmAVd80DOfcd8Ux4I3p85QFXqkgd3J5TgzeV1r0/xJ0Qer612pSPTXq
+7UPZmyD914ak0EUdiBmud9OIKNmS+szAW2gAtz3Es59aK3LrLO/wgSi09Jq0wqfZ
+yyvG4/a9dkHaNk0+cSy5YsL0truGCoIPYfKe5ESy5OdzYSYbCdymS8cQRVH3t0is
+inVV5PbfymbPtscYAliTOMhSYL6VktRBOf5kFA/8EG4+SPI6ingTecc0GqOMPhVu
+gYuj6G+bmschKkhHcMpbkmo7HN+sDBpdOWyPqs68RvytNWjng0x5jAFdDvA/I/6b
+ZNmiDlTUfTgsNqBLMNkQ+cx+mRzpp4L87Xvm4ZQhDl3MwxvY048=
+=aw47
+-----END PGP SIGNATURE-----
diff --git a/libssh.keyring b/libssh.keyring
index 411bf36750f0fc4a8856034415e39c7116559ee4..b2cf9168d49bca37971ce30b92183e3f4e53ef8a 100644
Binary files a/libssh.keyring and b/libssh.keyring differ
diff --git a/libssh.spec b/libssh.spec
index 2524206d0b6b29bcfc33940000ce11d1fcc410d7..6eeada268a0713df568acba21aab3685cc37c3cd 100644
--- a/libssh.spec
+++ b/libssh.spec
@@ -1,37 +1,16 @@
 %undefine __cmake_in_source_build
 
 Name:           libssh
-Version:        0.10.5
-Release:        5
+Version:        0.11.2
+Release:        1
 Summary:        A library implementing the SSH protocol
 License:        LGPL-2.1-or-later
 URL:            https://www.libssh.org
 
-Source0:        https://www.libssh.org/files/0.10/%{name}-%{version}.tar.xz
-Source1:        https://www.libssh.org/files/0.10/%{name}-%{version}.tar.xz.asc
+Source0:        https://www.libssh.org/files/0.11/%{name}-%{version}.tar.xz
+Source1:        https://www.libssh.org/files/0.11/%{name}-%{version}.tar.xz.asc
 Source2:        https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D.gpg#/%{name}.keyring
 
-Patch1:         backport-0001-CVE-2023-6004-torture_config-Allow-multiple-in-usern.patch
-Patch2:         backport-0002-CVE-2023-6004-config_parser-Allow-multiple-in-userna.patch
-Patch3:         backport-0003-CVE-2023-6004-options-Simplify-the-hostname-parsing-.patch
-Patch4:         backport-0004-CVE-2023-6004-misc-Add-function-to-check-allowed-cha.patch
-Patch5:         backport-0005-CVE-2023-6004-torture_misc-Add-test-for-ssh_check_ho.patch
-Patch6:         backport-0006-CVE-2023-6004-config_parser-Check-for-valid-syntax-o.patch
-Patch7:         backport-0007-CVE-2023-6004-torture_proxycommand-Add-test-for-prox.patch
-Patch8:         backport-0008-CVE-2023-6004-torture_misc-Add-test-for-ssh_is_ipadd.patch
-Patch9:         backport-0009-CVE-2023-6004-misc-Add-ipv6-link-local-check-for-an-.patch
-Patch10:        backport-0010-CVE-2023-6004-torture_misc-Add-tests-for-ipv6-link-l.patch
-Patch11:        backport-0011-CVE-2023-48795-client-side-mitigation.patch
-Patch12:        backport-0012-CVE-2023-48795-Server-side-mitigations.patch
-Patch13:        backport-0013-CVE-2023-48795-Strip-extensions-from-both-kex-lists-.patch
-Patch14:        backport-0014-CVE-2023-48795-tests-Adjust-calculation-to-strict-ke.patch
-Patch15:        backport-0015-CVE-2023-6918-kdf-Reformat.patch
-Patch16:        backport-0016-CVE-2023-6918-Remove-unused-evp-functions-and-types.patch
-Patch17:        backport-0017-CVE-2023-6918-Systematically-check-return-values-whe.patch
-Patch18:        backport-0018-CVE-2023-6918-kdf-Detect-context-init-failures.patch
-Patch19:        backport-0019-CVE-2023-6918-tests-Code-coverage-for-ssh_get_pubkey.patch
-Patch20:        backport-Fix-regression-in-IPv6-addresses-in-hostname-parsing.patch
-Patch21:        backport-0020-CVE-2025-5318-fix-possible-buffer-overrun.patch
 
 BuildRequires:  cmake gcc-c++ gnupg2 openssl-devel pkgconfig zlib-devel
 BuildRequires:  krb5-devel libcmocka-devel openssh-clients openssh-server
@@ -103,6 +82,12 @@ popd
 %doc CHANGELOG README
 
 %changelog
+* Mon Aug 18 2025 Yu Peng <yupeng@kylinos.cn> -0.11.2-1
+- Type:CVE
+- Id:CVE-2025-5449
+- SUG:NA
+- DESC:update to 0.11.2 to fix CVE-2025-5449.
+
 * Wed Jul 2 2025 zhangbinqin <zhangbinqin@h-partners.com> - 0.10.5-5
 - Type:CVE
 - Id:CVE-2025-5318