diff --git a/CVE-2022-3190.patch b/CVE-2022-3190.patch
deleted file mode 100644
index 3dcc2f761f00b062583ba53dfa6e39deb45fde11..0000000000000000000000000000000000000000
--- a/CVE-2022-3190.patch
+++ /dev/null
@@ -1,143 +0,0 @@
-From 0f27a83c5692b2afebe6e6934c1051f76aa2ecf9 Mon Sep 17 00:00:00 2001
-From: Jason Cohen <kryojenik2@gmail.com>
-Date: Wed, 31 Aug 2022 11:10:17 -0500
-Subject: [PATCH] f5ethtrailer: Improve "old-style" heuristic
-
-Remove a chance for an infinate loop in the disection heuristic.
----
- epan/dissectors/packet-f5ethtrailer.c | 108 +++++++++++++-------------
- 1 file changed, 56 insertions(+), 52 deletions(-)
-
-diff --git a/epan/dissectors/packet-f5ethtrailer.c b/epan/dissectors/packet-f5ethtrailer.c
-index b2ba8f899d..915348ea83 100644
---- a/epan/dissectors/packet-f5ethtrailer.c
-+++ b/epan/dissectors/packet-f5ethtrailer.c
-@@ -2751,69 +2751,73 @@ dissect_dpt_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *d
- static gint
- dissect_old_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
- {
--    proto_tree *type_tree   = NULL;
--    proto_item *ti          = NULL;
-     guint offset            = 0;
--    guint processed         = 0;
--    f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data;
--    guint8 type;
--    guint8 len;
--    guint8 ver;
- 
-     /* While we still have data in the trailer.  For old format trailers, this needs
-      * type, length, version (3 bytes) and for new format trailers, the magic header (4 bytes).
-      * All old format trailers are at least 4 bytes long, so just check for length of magic.
-      */
--    while (tvb_reported_length_remaining(tvb, offset)) {
--        type = tvb_get_guint8(tvb, offset);
--        len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION;
--        ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION);
--
--        if (len <= tvb_reported_length_remaining(tvb, offset) && type >= F5TYPE_LOW
--            && type <= F5TYPE_HIGH && len >= F5_MIN_SANE && len <= F5_MAX_SANE
--            && ver <= F5TRAILER_VER_MAX) {
--            /* Parse out the specified trailer. */
--            switch (type) {
--            case F5TYPE_LOW:
--                ti        = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA);
--                type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low);
--
--                processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
--                if (processed > 0) {
--                    tdata->trailer_len += processed;
--                    tdata->noise_low = 1;
--                }
--                break;
--            case F5TYPE_MED:
--                ti        = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA);
--                type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med);
--
--                processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
--                if (processed > 0) {
--                    tdata->trailer_len += processed;
--                    tdata->noise_med = 1;
--                }
--                break;
--            case F5TYPE_HIGH:
--                ti        = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA);
--                type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high);
--
--                processed =
--                    dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
--                if (processed > 0) {
--                    tdata->trailer_len += processed;
--                    tdata->noise_high = 1;
--                }
--                break;
-+    while (tvb_reported_length_remaining(tvb, offset) >= F5_MIN_SANE) {
-+        /* length field does not include the type and length bytes.  Add them back in */
-+        guint8 len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION;
-+        if (len > tvb_reported_length_remaining(tvb, offset)
-+            || len < F5_MIN_SANE || len > F5_MAX_SANE) {
-+            /* Invalid length - either a malformed trailer, corrupt packet, or not f5ethtrailer */
-+            return offset;
-+        }
-+        guint8 type = tvb_get_guint8(tvb, offset);
-+        guint8 ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION);
-+
-+        /* Parse out the specified trailer. */
-+        proto_tree *type_tree   = NULL;
-+        proto_item *ti          = NULL;
-+        f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data;
-+        guint processed = 0;
-+
-+        switch (type) {
-+        case F5TYPE_LOW:
-+            ti        = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA);
-+            type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low);
-+
-+            processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
-+            if (processed > 0) {
-+                tdata->trailer_len += processed;
-+                tdata->noise_low = 1;
-             }
--            if (processed == 0) {
--                proto_item_set_len(ti, 1);
--                return offset;
-+            break;
-+        case F5TYPE_MED:
-+            ti        = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA);
-+            type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med);
-+
-+            processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
-+            if (processed > 0) {
-+                tdata->trailer_len += processed;
-+                tdata->noise_med = 1;
-+            }
-+            break;
-+        case F5TYPE_HIGH:
-+            ti        = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA);
-+            type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high);
-+
-+            processed =
-+                dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata);
-+            if (processed > 0) {
-+                tdata->trailer_len += processed;
-+                tdata->noise_high = 1;
-             }
-+            break;
-+        default:
-+            /* Unknown type - malformed trailer, corrupt packet, or not f5ethtrailer - bali out*/
-+            return offset;
-+        }
-+        if (processed == 0) {
-+            /* couldn't process trailer - bali out */
-+            proto_item_set_len(ti, 1);
-+            return offset;
-         }
-         offset += processed;
-     }
--return offset;
-+    return offset;
- } /* dissect_old_trailer() */
- 
- /*---------------------------------------------------------------------------*/
--- 
-GitLab
-
diff --git a/CVE-2022-3725.patch b/CVE-2022-3725.patch
deleted file mode 100644
index 4539967cc0966c72be0f447ce4d9c6d3c78e0f03..0000000000000000000000000000000000000000
--- a/CVE-2022-3725.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 5db46d3a7c0f6481361a4a007de125ab92bfb674 Mon Sep 17 00:00:00 2001
-From: John Thacker <johnthacker@gmail.com>
-Date: Mon, 26 Sep 2022 19:55:59 -0400
-Subject: [PATCH] opus: Don't overflow a signed 16-bit integer
-
-The internal sample rate of 48KHz overflows a signed 16-bit
-integer, and causes incorrect calculations. Use an unsigned integer.
-
-Fix #18378
-
-
-(cherry picked from commit 749a8d091200b43175268689996471b59fa34266)
----
- epan/dissectors/packet-opus.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/epan/dissectors/packet-opus.c b/epan/dissectors/packet-opus.c
-index 9451fed0a1..54a83a007e 100644
---- a/epan/dissectors/packet-opus.c
-+++ b/epan/dissectors/packet-opus.c
-@@ -128,7 +128,7 @@ parse_size_field(const unsigned char *ch, int32_t cn, int16_t *size)
- }
- 
- static int16_t
--opus_packet_get_samples_per_frame(const unsigned char *data, int16_t Fs)
-+opus_packet_get_samples_per_frame(const unsigned char *data, uint16_t Fs)
- {
-     int audiosize;
-     if (data[0] & 0x80) {
--- 
-GitLab
-
diff --git a/SIGNATURES-3.6.11.txt b/SIGNATURES-3.6.11.txt
new file mode 100644
index 0000000000000000000000000000000000000000..f0154c6059f9a44e4989cf396ab60526cbdb259a
Binary files /dev/null and b/SIGNATURES-3.6.11.txt differ
diff --git a/SIGNATURES-3.6.3.txt b/SIGNATURES-3.6.3.txt
deleted file mode 100644
index 232c0f8eb9aece80c839edb0a387b63030bf1bb3..0000000000000000000000000000000000000000
Binary files a/SIGNATURES-3.6.3.txt and /dev/null differ
diff --git a/wireshark-3.6.3.tar.xz b/wireshark-3.6.11.tar.xz
similarity index 77%
rename from wireshark-3.6.3.tar.xz
rename to wireshark-3.6.11.tar.xz
index a6889bd35f25b94d9843a65cde6ca7500725d306..1065315c627bdb78f2bcd829e368b7028c0ae648 100644
Binary files a/wireshark-3.6.3.tar.xz and b/wireshark-3.6.11.tar.xz differ
diff --git a/wireshark.spec b/wireshark.spec
index 2482c2271d85956883d2712a3562429dc44a2590..f4b77edb67136690768cf07c9ecbafb190fad30d 100644
--- a/wireshark.spec
+++ b/wireshark.spec
@@ -4,8 +4,8 @@
 
 Summary:	Network traffic analyzer
 Name:		wireshark
-Version:	3.6.3
-Release:	3
+Version:	3.6.11
+Release:	1
 Epoch:		1
 License:	GPL+
 Url:		http://www.wireshark.org/
@@ -21,8 +21,6 @@ Patch4:		wireshark-0004-Restore-Fedora-specific-groups.patch
 Patch5:		wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch
 Patch6:		wireshark-0006-Move-tmp-to-var-tmp.patch
 Patch7:		wireshark-0007-cmakelists.patch
-Patch8:		CVE-2022-3190.patch
-Patch9:		CVE-2022-3725.patch
 
 Requires:	xdg-utils
 Requires:	hicolor-icon-theme
@@ -197,6 +195,9 @@ exit 0
 %{_mandir}/man?/*
 
 %changelog
+* Tue Feb 14 2023 liyuxiang<liyuxiang@ncti-gba.cn> - 1:3.6.11-1
+- Update to 3.6.11
+
 * Wed Nov 09 2022 liyuxiang<liyuxiang@ncti-gba.cn> - 1:3.6.3-3
 - fix CVE-2022-3725