diff --git a/mod_security-2.9.8-format-security.patch b/mod_security-2.9.8-format-security.patch
new file mode 100644
index 0000000000000000000000000000000000000000..5e2802f5b03d3d1a92c65dc0542747bcf427383b
--- /dev/null
+++ b/mod_security-2.9.8-format-security.patch
@@ -0,0 +1,24 @@
+From cddd9a7eb5585a9b3be1f9bdcadcace8f60f5808 Mon Sep 17 00:00:00 2001
+From: Ervin Hegedus
+Date: Tue, 3 Sep 2024 21:49:43 +0200
+Subject: [PATCH] Fix build error if -Werror=format-security is presented
+
+---
+ apache2/re.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/apache2/re.c b/apache2/re.c
+index 82eba8f23..0a8b0724d 100644
+--- a/apache2/re.c
++++ b/apache2/re.c
+@@ -472,8 +472,8 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
+
+ end:
+ if (my_error_msg) {
+- if (msr) msr_log(msr, 9, my_error_msg);
+- else ap_log_error(APLOG_MARK, APLOG_INFO, 0, NULL, my_error_msg);
++ if (msr) msr_log(msr, 9, "%s", my_error_msg);
++ else ap_log_error(APLOG_MARK, APLOG_INFO, 0, NULL, "%s", my_error_msg);
+ }
+ if (target_list != NULL) free(target_list);
+ if (replace != NULL) free(replace);
diff --git a/mod_security-2.9.3-remote-rules-timeout.patch b/mod_security-2.9.8-remote-rules-timeout.patch
similarity index 98%
rename from mod_security-2.9.3-remote-rules-timeout.patch
rename to mod_security-2.9.8-remote-rules-timeout.patch
index 1d347ac9b74fa5e883e836d940c0b3c428569509..2814fdab59e278729989bcb26a299657f20179be 100644
--- a/mod_security-2.9.3-remote-rules-timeout.patch
+++ b/mod_security-2.9.8-remote-rules-timeout.patch
@@ -26,7 +26,7 @@ index 80f8f2b..7912d84 100644 + static const char *cmd_status_engine(cmd_parms *cmd, void *_dcfg, const char *p1) { - if (strcasecmp(p1, "on") == 0) { + assert(cmd != NULL); @@ -3667,6 +3685,14 @@ const command_rec module_directives[] = { "Abort or Warn" ),
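Review bot: The description of the new mod_security-2.9.8-format-security.patch presents the change only as a build fix, but the two rewritten calls under `end:` are a format-string hardening and the patch header should say so. Before the change `my_error_msg` was itself the format argument of `msr_log` and `ap_log_error`, so any `%` sequence in the message would have been parsed as a conversion; whether that text can carry request- or rule-derived data is not visible in this hunk. I would add one line to the patch description, for example `Log my_error_msg through a constant "%s" format so '%' in the message is never interpreted as a conversion.` The body of `update_rule_target_ex` starts and continues outside the hunk, so other log calls in it are not covered by this review.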
diff --git a/mod_security.spec b/mod_security.spec index 219652165650268e72cd70aaee88db685d54cae7..65a0acfae75114bc88904b2936ffed6e558ce74d 100644 --- a/mod_security.spec +++ b/mod_security.spec @@ -6,18 +6,18 @@ %global mod_audit_log_collector 0 Name: mod_security -Version: 2.9.7 +Version: 2.9.8 Release: 1 Summary: Security module for the Apache HTTP Server License: ASL 2.0 -URL: http://www.modsecurity.org/ -Source: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz +URL: https://www.modsecurity.org/ +Source: https://github.com/owasp-modsecurity/ModSecurity/releases/download/v%{version}/modsecurity-v%{version}.tar.gz Source1: mod_security.conf Source2: 10-mod_security.conf Source3: modsecurity_localrules.conf -Patch0000: modsecurity-2.9.3-lua-54.patch Patch0001: modsecurity-2.9.3-apulibs.patch -Patch0002: mod_security-2.9.3-remote-rules-timeout.patch +Patch0002: mod_security-2.9.8-remote-rules-timeout.patch +Patch0003: mod_security-2.9.8-format-security.patch Requires: httpd httpd-mmn = %{_httpd_mmn} @@ -41,7 +41,7 @@ This package collects mod_security audit log. %endif %prep -%autosetup -p1 -n modsecurity-%{version} +%autosetup -p1 -n modsecurity-v%{version} %build ./autogen.sh @@ -54,7 +54,7 @@ This package collects mod_security audit log. sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool -make %{_smp_mflags} +%make_build %install install -d %{buildroot}%{_bindir} 
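Review bot: In the `@@ -6,18 +6,18 @@` hunk of mod_security.spec the `Source:` line now pulls from a different GitHub organization and a differently named tarball, and nothing in the spec records the move or how the checked-in archive was matched to the upstream release. The archive itself appears on this page only as `Binary files ... differ`, so its origin cannot be confirmed from the diff. I would add a comment above `Source:` such as `# Upstream moved from SpiderLabs/ModSecurity to owasp-modsecurity/ModSecurity; tarball is the v2.9.8 release asset` and record the archive's checksum in the commit message. If `Patch0003` is a backport of the commit named in its `From` line, a comment like `# From upstream commit cddd9a7eb5585a9b3be1f9bdcadcace8f60f5808, drop once released` above it would tell the next maintainer when it can go.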
@@ -65,14 +65,14 @@ install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/ install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/local_rules install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules install -m 700 -d $RPM_BUILD_ROOT%{_localstatedir}/lib/%{name} -install -Dp -m0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/local_rules/ +install -Dp -m0644 %{S:3} %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/local_rules/ %if "%{_httpd_modconfdir}" != "%{_httpd_confdir}" -install -Dp -m0644 %{SOURCE1} %{buildroot}%{_httpd_confdir}/mod_security.conf +install -Dp -m0644 %{S:1} %{buildroot}%{_httpd_confdir}/mod_security.conf sed -i 's/Include/IncludeOptional/' %{buildroot}%{_httpd_confdir}/mod_security.conf -install -Dp -m0644 %{SOURCE2} %{buildroot}%{_httpd_modconfdir}/10-mod_security.conf +install -Dp -m0644 %{S:2} %{buildroot}%{_httpd_modconfdir}/10-mod_security.conf %else install -d -m0755 %{buildroot}%{_httpd_confdir} -cat %{SOURCE2} %{SOURCE1} > %{buildroot}%{_httpd_confdir}/mod_security.conf +cat %{S:2} %{S:1} > %{buildroot}%{_httpd_confdir}/mod_security.conf %endif %if %mod_audit_log_collector @@ -84,7 +84,8 @@ install -m0755 mlogc/mlogc-batch-load.pl %{buildroot}%{_bindir}/mlogc-batch-load %endif %files -%doc README.* NOTICE LICENSE CHANGES +%license LICENSE +%doc README.* NOTICE CHANGES %{_httpd_moddir}/mod_security2.so %config(noreplace) %{_httpd_confdir}/*.conf %if "%{_httpd_modconfdir}" != "%{_httpd_confdir}" @@ -107,6 +108,9 @@ install -m0755 mlogc/mlogc-batch-load.pl %{buildroot}%{_bindir}/mlogc-batch-load %endif %changelog +* Mon Sep 09 2024 Funda Wang - 2.9.8-1 +- update to 2.9.8 + * Mon Jul 17 2023 chenchen - 2.9.7-1 - Upgrade to version 2.9.7 diff --git a/mod_security.yaml b/mod_security.yaml index 7c8b49d3b0f39e66e680c466c4db67d7a951fb8f..69478be180b0c434ea41cfdb22315efe1727dc85 100644 --- a/mod_security.yaml +++ b/mod_security.yaml 
@@ -1,4 +1,4 @@
 version_control: github
-src_repo: SpiderLabs/ModSecurity
+src_repo: owasp-modsecurity/ModSecurity
 tag_prefix: ^v
-seperator: .
+separator: .
diff --git a/modsecurity-2.9.3-lua-54.patch b/modsecurity-2.9.3-lua-54.patch
deleted file mode 100644
index ca6e56024f158b0feb9d0100a2ba5c412de51292..0000000000000000000000000000000000000000
--- a/modsecurity-2.9.3-lua-54.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-diff -ru modsecurity-2.9.3/apache2/msc_lua.c modsecurity-2.9.3-lua-patch/apache2/msc_lua.c
---- modsecurity-2.9.3/apache2/msc_lua.c 2018-12-04 18:49:37.000000000 +0000
-+++ modsecurity-2.9.3-lua-patch/apache2/msc_lua.c 2020-08-08 16:55:14.936045777 +0000
-@@ -429,12 +429,12 @@
- #else
-
- /* Create new state. */
--#if LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503 || LUA_VERSION_NUM == 501
-+#if LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503 || LUA_VERSION_NUM == 501 || LUA_VERSION_NUM == 504
- L = luaL_newstate();
- #elif LUA_VERSION_NUM == 500
- L = lua_open();
- #else
--#error We are only tested under Lua 5.0, 5.1, 5.2, or 5.3.
-+#error We are only tested under Lua 5.0, 5.1, 5.2, 5.3 or 5.4.
- #endif
- luaL_openlibs(L);
-
-@@ -459,10 +459,10 @@
- /* Register functions. */
- #if LUA_VERSION_NUM == 500 || LUA_VERSION_NUM == 501
- luaL_register(L, "m", mylib);
--#elif LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503
-+#elif LUA_VERSION_NUM == 502 || LUA_VERSION_NUM == 503 || LUA_VERSION_NUM == 504
- luaL_setfuncs(L, mylib, 0);
- #else
--#error We are only tested under Lua 5.0, 5.1, 5.2, or 5.3.
-+#error We are only tested under Lua 5.0, 5.1, 5.2, 5.3 or 5.4.
- #endif
-
- lua_setglobal(L, "m");
diff --git a/modsecurity-2.9.7.tar.gz b/modsecurity-v2.9.8.tar.gz
similarity index 57%
rename from modsecurity-2.9.7.tar.gz
rename to modsecurity-v2.9.8.tar.gz
index 5f2e728e857e2826964e669b34107b933e68a00f..79088b5b57897d80ca17cfd964775a61f7ab33eb 100644
Binary files a/modsecurity-2.9.7.tar.gz and b/modsecurity-v2.9.8.tar.gz differ
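Review bot: Renaming the key `seperator` to `separator` in mod_security.yaml is more than a spelling fix if the tool that reads this file looks the key up by its old name; in that case the `.` setting would silently stop being applied and upstream version tracking for this package could stop reporting new releases. Which spelling the consumer expects is not visible on this page, so that should be confirmed before merging. If the consumer still reads the old key, keep `seperator: .` and change only `src_repo`.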