diff --git a/0001-coap_pdu.c-Fix-UndefinedBehaviorSanitizer-undefined-.patch b/0001-coap_pdu.c-Fix-UndefinedBehaviorSanitizer-undefined-.patch
deleted file mode 100644
index 2d2701853189e936379b2e3472f464c858273be6..0000000000000000000000000000000000000000
--- a/0001-coap_pdu.c-Fix-UndefinedBehaviorSanitizer-undefined-.patch
+++ /dev/null
@@ -1,84 +0,0 @@ -From acb9e78e124db83f5485cf7d4c3d2283b2685351 Mon Sep 17 00:00:00 2001 -From: Wei Jiangang -Date: Wed, 14 Aug 2024 09:57:36 +0800 -Subject: [PATCH] coap_pdu.c: Fix UndefinedBehaviorSanitizer: - undefined-behavior This fixes a reported error in coap_update_token() where a - size_t calculation is overflowed (but all ends up with the correct value). - -Instead of adding an overflowed size_t, now subtract the reversed -size_t calculation as appropriate. - -coap_update_option() and coap_insert_option() similarily updated. - -Fix CVE-2024-31031, refer to -https://github.com/obgm/libcoap/commit/1abc64cc3f774d3316374db5e6328f9409da5f40 - -Signed-off-by: Wei Jiangang ---- - src/coap_pdu.c | 33 ++++++++++++++++++++++++--------- - 1 file changed, 24 insertions(+), 9 deletions(-) - -diff --git src/coap_pdu.c src/coap_pdu.c -index afe445c..e3be3f0 100644 ---- src/coap_pdu.c -+++ src/coap_pdu.c -@@ -389,12 +389,15 @@ coap_update_token(coap_pdu_t *pdu, size_t len, const uint8_t *data) { - memmove(&pdu->token[(len + bias) - pdu->e_token_length], - pdu->token, pdu->used_size); - pdu->used_size += len + bias - pdu->e_token_length; -+ if (pdu->data) { -+ pdu->data += (len + bias) - pdu->e_token_length; -+ } - } else { - pdu->used_size -= pdu->e_token_length - (len + bias); - memmove(pdu->token, &pdu->token[pdu->e_token_length - (len + bias)], pdu->used_size); -- } -- if (pdu->data) { -- pdu->data += (len + bias) - pdu->e_token_length; -+ if (pdu->data) { -+ pdu->data -= pdu->e_token_length - (len + bias); -+ } - } - - pdu->actual_token.length = len; -@@ -641,9 +644,15 @@ coap_insert_option(coap_pdu_t *pdu, coap_option_num_t number, size_t len, - number - prev_number, data, len)) - return 0; - -- pdu->used_size += shift - shrink; -- if (pdu->data) -- pdu->data += shift - shrink; -+ if (shift >= shrink) { -+ pdu->used_size += shift - shrink; -+ if (pdu->data) -+ pdu->data += shift - shrink; -+ } else { -+ pdu->used_size -= shrink - shift; -+ if (pdu->data) -+ 
pdu->data -= shrink - shift; -+ } - return shift; - } - -@@ -681,9 +690,15 @@ coap_update_option(coap_pdu_t *pdu, coap_option_num_t number, size_t len, - decode.delta, data, len)) - return 0; - -- pdu->used_size += new_length - old_length; -- if (pdu->data) -- pdu->data += new_length - old_length; -+ if (new_length >= old_length) { -+ pdu->used_size += new_length - old_length; -+ if (pdu->data) -+ pdu->data += new_length - old_length; -+ } else { -+ pdu->used_size -= old_length - new_length; -+ if (pdu->data) -+ pdu->data -= old_length - new_length; -+ } - return 1; - } - --- -2.39.1 - diff --git a/0002-coap_oscore.c-Fix-parsing-OSCORE-configuration-infor.patch b/0002-coap_oscore.c-Fix-parsing-OSCORE-configuration-infor.patch deleted file mode 100644 index e1e4ab2c77fec7243cecee3afcb12bb74959309f..0000000000000000000000000000000000000000 --- a/0002-coap_oscore.c-Fix-parsing-OSCORE-configuration-infor.patch +++ /dev/null @@ -1,39 +0,0 @@ -Date: Thu, 25 Jan 2024 18:03:17 +0000 -Subject: [PATCH] [PATCH] coap_oscore.c: Fix parsing OSCORE configuration - information - -Signed-off-by: Jon Shallow ---- - src/coap_oscore.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/src/coap_oscore.c b/src/coap_oscore.c -index bf4f23f..2d7dd6d 100644 ---- src/coap_oscore.c -+++ src/coap_oscore.c -@@ -1672,11 +1672,12 @@ get_split_entry(const char **start, - oscore_value_t *value) { - const char *begin = *start; - const char *end; -+ const char *kend; - const char *split; - size_t i; - - retry: -- end = memchr(begin, '\n', size); -+ kend = end = memchr(begin, '\n', size); - if (end == NULL) - return 0; - -@@ -1687,7 +1688,7 @@ retry: - - if (begin[0] == '#' || (end - begin) == 0) { - /* Skip comment / blank line */ -- size -= end - begin + 1; -+ size -= kend - begin + 1; - begin = *start; - goto retry; - } --- -2.43.0 - 
diff --git a/libcoap-4.3.4.tar.gz b/libcoap-4.3.4.tar.gz
deleted file mode 100644
index de4dfaca1eaeafefb45ab0271ded59302b2324fe..0000000000000000000000000000000000000000
Binary files a/libcoap-4.3.4.tar.gz and /dev/null differ
diff --git a/libcoap.spec b/libcoap.spec
index b791d48046c9f62616a8d0c31637cbc1d4d12a84..f31b96fe858aba0e89e23b24627915a092759146 100644
--- a/libcoap.spec
+++ b/libcoap.spec
@@ -1,26 +1,21 @@
 Name: libcoap
-Version: 4.3.4
-Release: 3%{?dist}
+Version: 4.3.5
+Release: 1
 Summary: Implementation of a lightweight application-protocol CoAP
 # If build against gnutls the license is BSD + LGPL 2.1
-License: BSD
+License: BSD-2-Clause
 URL: https://libcoap.net
-Source0: %{name}-%{version}.tar.gz
+Source0: https://github.com/obgm/libcoap/archive/refs/tags/v%{version}.tar.gz
-Patch0001: 0001-coap_pdu.c-Fix-UndefinedBehaviorSanitizer-undefined-.patch
-Patch0002: 0002-coap_oscore.c-Fix-parsing-OSCORE-configuration-infor.patch
-
-BuildRequires: autoconf
-BuildRequires: automake
-BuildRequires: gcc
-BuildRequires: libtool
-BuildRequires: openssl-devel
+BuildRequires: gcc make
+BuildRequires: autoconf automake libtool
+BuildRequires: pkgconfig(cunit)
+BuildRequires: pkgconfig(openssl)
 BuildRequires: asciidoc
 BuildRequires: ctags
 BuildRequires: doxygen
 BuildRequires: graphviz
-BuildRequires: make
 %description
 libcoap is a C implementation of a lightweight application-protocol for
@@ -56,7 +51,7 @@ Documentation for development with %{name}.
 %build
 autoreconf -vif
-%configure --without-debug CFLAGS="$RPM_OPT_FLAGS -D COAP_DEBUG_FD=stderr" \
+%configure --without-debug CFLAGS="%{build_cflags} -D COAP_DEBUG_FD=stderr" \
 --enable-examples --enable-documentation --enable-doxygen --enable-manpages \
 --enable-dtls --with-openssl --disable-static
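Review bot: The new `Source0` line pulls a GitHub tag archive (`archive/refs/tags/v%{version}.tar.gz`), which is generated on request rather than published by upstream as a release artifact, so nothing in this spec ties the build to a specific digest or signature, and GitHub has regenerated such archives with different bytes before. If the build system does not pin the checked-in `v4.3.5.tar.gz` by hash outside the spec, prefer the upstream release tarball (with its signature, if libcoap publishes one) or record the expected digest next to `Source0`. The same hunk removes `Patch0001` (described in its own header as the CVE-2024-31031 fix) and `Patch0002` (OSCORE configuration parsing) without citing the 4.3.5 commits that supersede them; a comment such as `# CVE-2024-31031 and OSCORE config-parsing fixes are in 4.3.5 (upstream 1abc64cc)` where the patch lines were would let a later audit confirm nothing regressed, assuming the fixes really are in the tag.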
@@ -64,16 +59,13 @@ autoreconf -vif
 %install
 %make_install
+%delete_la_and_a
 #Remove libtool archives
-find %{buildroot} -name '*.la' -delete
-find %{buildroot} -name '*.a' -delete
 rm -rf %{buildroot}/%{_datadir}/%{name}
 %check
-make check
-
-%ldconfig_scriptlets
+%make_build check
 %files
 %license LICENSE COPYING
@@ -95,6 +87,9 @@ make check
 %{_libdir}/libcoap-3*.so
 %changelog
+* Thu Jan 23 2025 Funda Wang - 4.3.5-1
+- update to 4.3.5
+
 * Tue Jan 14 2025 Wei Jiangang - 4.3.4-3
 - Fix CVE-2024-0962
diff --git a/v4.3.5.tar.gz b/v4.3.5.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..ada7feec1daaaed8f6c4db1270ac9bdca3aa4859
Binary files /dev/null and b/v4.3.5.tar.gz differ
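Review bot: The new changelog entry records only `- update to 4.3.5`, yet this revision also drops the two patches that carried the CVE-2024-31031 fix and the OSCORE configuration-parsing fix, which is exactly what a later security audit will grep the changelog for. Add a line such as `- drop Patch0001/Patch0002, merged upstream (CVE-2024-31031, OSCORE config parsing)` after confirming both fixes are present in the 4.3.5 tree. In the `%install` hunk, `#Remove libtool archives` now sits after `%delete_la_and_a` and directly above the `rm -rf` of `%{_datadir}/%{name}`, so it no longer describes the line it precedes; move it above the macro or delete it. Dropping `%ldconfig_scriptlets` is harmless only where RPM runs ldconfig from file triggers; if this spec is still built for a target without them, the shared-library cache is no longer refreshed on install.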