diff --git a/sources b/sources
index 33c6aba..7481d0f 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (apache-tomcat-9.0.30-src.tar.gz) = 5a693c26bc78c504ca9c30cab6356927dbeded199798b558f2efe428a98fd68a88e0c113cc7b710fe3b2109e5ae3a970ff3989f909b95eb782d47d12a2a3a20d
+SHA512 (apache-tomcat-9.0.31-src.tar.gz) = a0ba9e46a3d2a4cf708e6e29b4647c041495e45865ce5c679c9dcfee77181373a2d3034222701d0f15d5c7e71e6aa3cc7db236c66ba069b3e3660a948b44342f
diff --git a/tomcat.spec b/tomcat.spec
index 784750d..66877fa 100644
--- a/tomcat.spec
+++ b/tomcat.spec
@@ -31,7 +31,7 @@
 %global jspspec 2.3
 %global major_version 9
 %global minor_version 0
-%global micro_version 30
+%global micro_version 31
 %global packdname apache-tomcat-%{version}-src
 %global servletspec 4.0
 %global elspec 3.0
@@ -59,7 +59,7 @@
 Name:          tomcat
 Epoch:         1
 Version:       %{major_version}.%{minor_version}.%{micro_version}
-Release:       2%{?dist}
+Release:       1%{?dist}
 Summary:       Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API
 
 License:       ASL 2.0
@@ -615,6 +615,10 @@ fi
 %attr(0660,tomcat,tomcat) %verify(not size md5 mtime) %{logdir}/catalina.out
 
 %changelog
+* Thu Mar 05 2020 Coty Sutherland <csutherl@redhat.com> - 1:9.0.31-1
+- Update to 9.0.31
+- Resolves: rhbz#1806398 - CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability
+
 * Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:9.0.30-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild