diff --git a/.gitignore b/.gitignore
index dc81e34..3327bd1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/jitterentropy-library-3.0.2.tar.gz
+SOURCES/jitterentropy-library-3.3.1.tar.gz
diff --git a/.jitterentropy.metadata b/.jitterentropy.metadata
index d0d10cc..fefba16 100644
--- a/.jitterentropy.metadata
+++ b/.jitterentropy.metadata
@@ -1 +1 @@
-e062ebb55506d9ac74a890fd2df69521aa71b8cc SOURCES/jitterentropy-library-3.0.2.tar.gz
+b48e54d56961e3db138dac4fd6ab3117e31f5db9 SOURCES/jitterentropy-library-3.3.1.tar.gz
diff --git a/SOURCES/jitterentropy-fix-ec-check.patch b/SOURCES/jitterentropy-fix-ec-check.patch
new file mode 100644
index 0000000..3b2757d
--- /dev/null
+++ b/SOURCES/jitterentropy-fix-ec-check.patch
@@ -0,0 +1,20 @@
+diff -up src/jitterentropy-noise.c.orig src/jitterentropy-noise.c
+--- src/jitterentropy-noise.c	2021-11-23 15:42:47.809329173 +0100
++++ src/jitterentropy-noise.c	2021-11-23 15:44:19.820499338 +0100
+@@ -188,7 +188,7 @@ static void jent_memaccess(struct rand_data *ec, uint64_t loop_cnt)
+ 		uint32_t u[4];
+ 		uint8_t b[sizeof(uint32_t) * 4];
+ 	} prngState = { .u = {0x8e93eec0, 0xce65608a, 0xa8d46b46, 0xe83cef69} };
+-	uint32_t addressMask = ec->memmask;
++	uint32_t addressMask;
+ 
+ 	/* Ensure that macros cannot overflow jent_loop_shuffle() */
+ 	BUILD_BUG_ON((MAX_ACC_LOOP_BIT + MIN_ACC_LOOP_BIT) > 63);
+@@ -197,6 +197,7 @@ static void jent_memaccess(struct rand_data *ec, uint64_t loop_cnt)
+ 
+ 	if (NULL == ec || NULL == ec->mem)
+ 		return;
++	addressMask = ec->memmask;
+ 
+ 	/*
+ 	 * Mix the current data into prngState
diff --git a/SPECS/jitterentropy.spec b/SPECS/jitterentropy.spec
index 9c4bf7d..a3f43ec 100644
--- a/SPECS/jitterentropy.spec
+++ b/SPECS/jitterentropy.spec
@@ -1,6 +1,6 @@
 Name:	jitterentropy
-Version:	3.0.2
-Release:	3.git.409828cf%{?dist}
+Version:	3.3.1
+Release:	2%{?dist}
 Summary:	Library implementing the jitter entropy source
 
 License:	BSD or GPLv2
@@ -12,6 +12,8 @@ BuildRequires: make
 
 # Disable Upstream Makefiles debuginfo strip on install
 Patch0: jitterentropy-rh-makefile.patch
+# Fix ec check for NULL
+Patch1: jitterentropy-fix-ec-check.patch
 
 %description
 Library implementing the CPU jitter entropy source
@@ -24,7 +26,7 @@ Requires: %{name}%{?_isa} = %{version}-%{release}
 Development headers and libraries for jitterentropy
 
 %prep
-%autosetup -n %{name}-library-%{version}
+%autosetup -p0 -n %{name}-library-%{version}
 
 %build
 %set_build_flags
@@ -45,6 +47,10 @@ mkdir -p %{buildroot}/usr/include/
 %{_mandir}/man3/*
 
 %changelog
+* Tue Nov 23 2021 Vladis Dronov <vdronov@redhat.com> - 3.3.1-2
+- Update to the upstream v3.3.1 @ 887c9871 (bz 2015560)
+- Fix a security issue found by a covscan in jitterentropy library
+
 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 3.0.2-3.git.409828cf
 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
   Related: rhbz#1991688