diff --git a/.cvsignore b/.cvsignore
index 3464416..c84aaa3 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-modsecurity-apache_2.5.7.tar.gz
+modsecurity-apache_2.5.9.tar.gz
diff --git a/mod_security.spec b/mod_security.spec
index 250250b..2efde0d 100644
--- a/mod_security.spec
+++ b/mod_security.spec
@@ -1,7 +1,7 @@
 Summary: Security module for the Apache HTTP Server
 Name: mod_security 
-Version: 2.5.7
-Release: 2%{?dist}
+Version: 2.5.9
+Release: 1%{?dist}
 License: GPLv2
 URL: http://www.modsecurity.org/
 Group: System Environment/Daemons
@@ -54,6 +54,10 @@ rm -rf %{buildroot}
 %config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/optional_rules/*.conf
 
 %changelog
+* Thu Mar 12 2009 Michael Fleming <mfleming+rpm@thatfleminggent.com> 2.5.9-1
+- Update to upstream release 2.5.9
+- Fixes potential DoS' in multipart request and PDF XSS handling
+
 * Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.5.7-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
 
diff --git a/sources b/sources
index 735eeb8..2f784ba 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-049509c4d76048ce02cfb558d6598761  modsecurity-apache_2.5.7.tar.gz
+b7bf44a7e041b49b0da5043495660375  modsecurity-apache_2.5.9.tar.gz