diff --git a/.gitignore b/.gitignore
index 5129e24..94b3938 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,3 +18,5 @@ rsync-patches-3.0.8.tar.gz
 /rsync-patches-3.2.4pre3.tar.gz
 /rsync-3.2.4.tar.gz
 /rsync-patches-3.2.4.tar.gz
+/rsync-3.2.5.tar.gz
+/rsync-patches-3.2.5.tar.gz
diff --git a/rsync.spec b/rsync.spec
index 3b3f5ef..12bf2ad 100644
--- a/rsync.spec
+++ b/rsync.spec
@@ -8,8 +8,8 @@
 
 Summary: A program for synchronizing files over a network
 Name: rsync
-Version: 3.2.4
-Release: 5%{?prerelease}%{?dist}
+Version: 3.2.5
+Release: 1%{?prerelease}%{?dist}
 URL: https://rsync.samba.org/
 
 Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}%{?prerelease}.tar.gz
@@ -119,6 +119,11 @@ install -D -m644 %{SOURCE6} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd@.service
 %systemd_postun_with_restart rsyncd.service
 
 %changelog
+* Tue Aug 16 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.5-1
+- New version 3.2.5
+- Resolves: #2115430 - remote arbitrary files write inside the directories of connecting peers
+- Fix for CVE-2022-37434
+
 * Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.4-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
 
diff --git a/sources b/sources
index 43de0f1..9086b3f 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (rsync-3.2.4.tar.gz) = 96318e2754fbddf84d16df671c721e577766969dfa415925c4dc1be2e4e60a51246623747a8aec0c6e9c0824e6aa7335235ccd07f3d6fd901f8cf28e2d6e91b6
-SHA512 (rsync-patches-3.2.4.tar.gz) = faa49c4839928ae49b07d515b90104ca962386d90cc0403dec37f71f275415298bcabb391746a966ff3247f22f4610f172a0c817329fa4fc7a6f0c694392772d
+SHA512 (rsync-3.2.5.tar.gz) = 6d115acb5bae546cd2b5df2c11390f8609107b7a45aa649158d8daa0c9290ab5f15640fdd4000b21d1ab39f7385b85d77cd8fe4628fa13b2adeea6fcd53d057a
+SHA512 (rsync-patches-3.2.5.tar.gz) = e8e36567f2ce9a155639bafecc361db635abff718b321fbd52c925632b87502ad022cf8238e39539a4f9e45dce37513395fd481abfa2ccb78e8af2047e1a4cf6