diff --git a/.flatpak.metadata b/.flatpak.metadata
index 1450248..319360d 100644
--- a/.flatpak.metadata
+++ b/.flatpak.metadata
@@ -1,3 +1,3 @@
-2dc9cc0f1d80421ea800be3c005d9b5dd94c8156 SOURCES/flatpak-1.0.2.tar.xz
+51317ee7abeb09fc68c924ee74463185be901658 SOURCES/flatpak-1.0.9.tar.xz
 5cab51142ec15ee113b4c87a2645b4e1c7179fa7 SOURCES/flatpak-builder-1.0.0.tar.xz
 c8dabfe09e987a15d99e4723be23f23da9f7bbb3 SOURCES/libostree-2018.8.tar.xz
diff --git a/.gitignore b/.gitignore
index 48b75c2..7bf1a15 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,3 @@
-SOURCES/flatpak-1.0.2.tar.xz
+SOURCES/flatpak-1.0.9.tar.xz
 SOURCES/flatpak-builder-1.0.0.tar.xz
 SOURCES/libostree-2018.8.tar.xz
diff --git a/SOURCES/0001-oci-Handle-cancellations-for-appstream.patch b/SOURCES/0001-oci-Handle-cancellations-for-appstream.patch
new file mode 100644
index 0000000..5c49a07
--- /dev/null
+++ b/SOURCES/0001-oci-Handle-cancellations-for-appstream.patch
@@ -0,0 +1,37 @@
+From 3ad6fe680cf3804193c8a4fe4f9f6e8840ef3524 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen <mclasen@redhat.com>
+Date: Wed, 17 Apr 2019 11:40:26 -0400
+Subject: [PATCH 1/3] oci: Handle cancellations for appstream
+
+When an appstream update is cancelled while downloading
+icons, properly fail. Otherwise, the next update attempt
+will see an up-to-date timestamp, think everyhing is ok
+and not download the missing icons.
+
+Closes: https://github.com/flatpak/flatpak/issues/2835
+
+Closes: #2836
+Approved by: alexlarsson
+
+(cherry picked from commit f28e62add1eb508bbfe97aab94743b129d1422ee)
+---
+ common/flatpak-oci-registry.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/common/flatpak-oci-registry.c b/common/flatpak-oci-registry.c
+index fe9afbdd..1a6edb76 100644
+--- a/common/flatpak-oci-registry.c
++++ b/common/flatpak-oci-registry.c
+@@ -2473,6 +2473,9 @@ flatpak_oci_index_make_appstream (SoupSession  *soup_session,
+         }
+     }
+ 
++  if (g_cancellable_set_error_if_cancelled (cancellable, error))
++    return NULL;
++
+   if (!flatpak_appstream_xml_root_to_data (appstream_root,
+                                            &bytes, NULL, error))
+     return NULL;
+-- 
+2.21.0
+
diff --git a/SOURCES/0003-update-Fix-OCI-updates-in-the-system-repo.patch b/SOURCES/0003-update-Fix-OCI-updates-in-the-system-repo.patch
new file mode 100644
index 0000000..c91ab00
--- /dev/null
+++ b/SOURCES/0003-update-Fix-OCI-updates-in-the-system-repo.patch
@@ -0,0 +1,73 @@
+From 962a7f560ee0fa08eb30b0536d4ae9659ceaf163 Mon Sep 17 00:00:00 2001
+From: Alexander Larsson <alexl@redhat.com>
+Date: Wed, 8 May 2019 16:54:55 +0200
+Subject: [PATCH 3/3] update: Fix OCI updates in the system repo
+
+We need to check whether the remote is gpg verified after handling
+the oci case, because OCI is fine to update systemwide without gpg
+verification (in fact it doesn't support verification).
+
+This just reorders the code, matching what is done in the install
+case already.
+
+Closes: #2891
+Approved by: alexlarsson
+
+(cherry picked from commit 4c4c80b85d629bad1a377524b7787200f1c831a0)
+---
+ common/flatpak-dir.c | 32 ++++++++++++++++----------------
+ 1 file changed, 16 insertions(+), 16 deletions(-)
+
+diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c
+index 79fa361d..1fc6a90c 100644
+--- a/common/flatpak-dir.c
++++ b/common/flatpak-dir.c
+@@ -8364,22 +8364,6 @@ flatpak_dir_update (FlatpakDir                           *self,
+       if (no_pull)
+         {
+         }
+-      else if ((!gpg_verify_summary && state->collection_id == NULL) || !gpg_verify)
+-        {
+-          /* The remote is not gpg verified, so we don't want to allow installation via
+-             a download in the home directory, as there is no way to verify you're not
+-             injecting anything into the remote. However, in the case of a remote
+-             configured to a local filesystem we can just let the system helper do
+-             the installation, as it can then avoid network i/o and be certain the
+-             data comes from the right place.
+-
+-             If @collection_id is non-%NULL, we can verify the refs in commit
+-             metadata, so don’t need to verify the summary. */
+-          if (g_str_has_prefix (url, "file:"))
+-            helper_flags |= FLATPAK_HELPER_DEPLOY_FLAGS_LOCAL_PULL;
+-          else
+-            return flatpak_fail_error (error, FLATPAK_ERROR_UNTRUSTED, _("Can't pull from untrusted non-gpg verified remote"));
+-        }
+       else if (is_oci)
+         {
+           g_autoptr(FlatpakOciRegistry) registry = NULL;
+@@ -8396,6 +8380,22 @@ flatpak_dir_update (FlatpakDir                           *self,
+           if (!flatpak_dir_mirror_oci (self, registry, state, ref, NULL, progress, cancellable, error))
+             return FALSE;
+         }
++      else if ((!gpg_verify_summary && state->collection_id == NULL) || !gpg_verify)
++        {
++          /* The remote is not gpg verified, so we don't want to allow installation via
++             a download in the home directory, as there is no way to verify you're not
++             injecting anything into the remote. However, in the case of a remote
++             configured to a local filesystem we can just let the system helper do
++             the installation, as it can then avoid network i/o and be certain the
++             data comes from the right place.
++
++             If @collection_id is non-%NULL, we can verify the refs in commit
++             metadata, so don’t need to verify the summary. */
++          if (g_str_has_prefix (url, "file:"))
++            helper_flags |= FLATPAK_HELPER_DEPLOY_FLAGS_LOCAL_PULL;
++          else
++            return flatpak_fail_error (error, FLATPAK_ERROR_UNTRUSTED, _("Can't pull from untrusted non-gpg verified remote"));
++        }
+       else
+         {
+           /* We're pulling from a remote source, we do the network mirroring pull as a
+-- 
+2.21.0
+
diff --git a/SOURCES/flatpak-1.0.2-CVE-2019-10063.patch b/SOURCES/flatpak-1.0.2-CVE-2019-10063.patch
deleted file mode 100644
index 6a9d751..0000000
--- a/SOURCES/flatpak-1.0.2-CVE-2019-10063.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 9686b3007afb15162cb2b5ca3219d906cc849a60 Mon Sep 17 00:00:00 2001
-From: Ryan Gonzalez <rymg19@gmail.com>
-Date: Mon, 25 Mar 2019 13:00:15 -0500
-Subject: [PATCH] run: Only compare the lowest 32 ioctl arg bits for TIOCSTI
-
-Closes #2782.
-
-Closes: #2783
-Approved by: alexlarsson
----
- common/flatpak-run.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/common/flatpak-run.c b/common/flatpak-run.c
-index b4f2c475..0e6b3141 100644
---- a/common/flatpak-run.c
-+++ b/common/flatpak-run.c
-@@ -2122,7 +2122,7 @@ setup_seccomp (FlatpakBwrap   *bwrap,
-     {SCMP_SYS (clone), &SCMP_A0 (SCMP_CMP_MASKED_EQ, CLONE_NEWUSER, CLONE_NEWUSER)},
- 
-     /* Don't allow faking input to the controlling tty (CVE-2017-5226) */
--    {SCMP_SYS (ioctl), &SCMP_A1 (SCMP_CMP_EQ, (int) TIOCSTI)},
-+    {SCMP_SYS (ioctl), &SCMP_A1 (SCMP_CMP_MASKED_EQ, 0xFFFFFFFFu, (int) TIOCSTI)},
-   };
- 
-   struct
--- 
-2.21.0
-
diff --git a/SOURCES/flatpak-1.0.2-CVE-2019-5736.patch b/SOURCES/flatpak-1.0.2-CVE-2019-5736.patch
deleted file mode 100644
index 2fa3347..0000000
--- a/SOURCES/flatpak-1.0.2-CVE-2019-5736.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From 86d9d711bdaada5677166a99b96b769df2c5e7b6 Mon Sep 17 00:00:00 2001
-From: Alexander Larsson <alexl@redhat.com>
-Date: Sun, 10 Feb 2019 18:23:44 +0100
-Subject: [PATCH] Don't expose /proc when running apply_extra
-
-As shown by CVE-2019-5736, it is sometimes possible for the sandbox
-app to access outside files using /proc/self/exe. This is not
-typically an issue for flatpak as the sandbox runs as the user which
-has no permissions to e.g. modify the host files.
-
-However, when installing apps using extra-data into the system repo
-we *do* actually run a sandbox as root. So, in this case we disable mounting
-/proc in the sandbox, which will neuter attacks like this.
----
- common/flatpak-common-types-private.h | 1 +
- common/flatpak-dir.c                  | 2 +-
- common/flatpak-run.c                  | 6 +++++-
- 3 files changed, 7 insertions(+), 2 deletions(-)
-
-diff --git a/common/flatpak-common-types-private.h b/common/flatpak-common-types-private.h
-index 8c40d2e8..1e94bd1c 100644
---- a/common/flatpak-common-types-private.h
-+++ b/common/flatpak-common-types-private.h
-@@ -44,6 +44,7 @@ typedef enum {
-   FLATPAK_RUN_FLAG_SANDBOX            = (1 << 14),
-   FLATPAK_RUN_FLAG_NO_DOCUMENTS_PORTAL = (1 << 15),
-   FLATPAK_RUN_FLAG_BLUETOOTH          = (1 << 16),
-+  FLATPAK_RUN_FLAG_NO_PROC            = (1 << 19),
- } FlatpakRunFlags;
- 
- typedef struct FlatpakDir          FlatpakDir;
-diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c
-index eb69225d..be370d49 100644
---- a/common/flatpak-dir.c
-+++ b/common/flatpak-dir.c
-@@ -6509,7 +6509,7 @@ apply_extra_data (FlatpakDir   *self,
-                           NULL);
- 
-   if (!flatpak_run_setup_base_argv (bwrap, runtime_files, NULL, runtime_ref_parts[2],
--                                    FLATPAK_RUN_FLAG_NO_SESSION_HELPER,
-+                                    FLATPAK_RUN_FLAG_NO_SESSION_HELPER | FLATPAK_RUN_FLAG_NO_PROC,
-                                     error))
-     return FALSE;
- 
-diff --git a/common/flatpak-run.c b/common/flatpak-run.c
-index 6ab466af..b4f2c475 100644
---- a/common/flatpak-run.c
-+++ b/common/flatpak-run.c
-@@ -2347,9 +2347,13 @@ flatpak_run_setup_base_argv (FlatpakBwrap   *bwrap,
-     "# Disable user pkcs11 config, because the host modules don't work in the runtime\n"
-     "user-config: none\n";
- 
-+  if ((flags & FLATPAK_RUN_FLAG_NO_PROC) == 0)
-+    flatpak_bwrap_add_args (bwrap,
-+                            "--proc", "/proc",
-+                            NULL);
-+
-   flatpak_bwrap_add_args (bwrap,
-                           "--unshare-pid",
--                          "--proc", "/proc",
-                           "--dir", "/tmp",
-                           "--dir", "/var/tmp",
-                           "--dir", "/run/host",
--- 
-2.20.1
-
diff --git a/SPECS/flatpak.spec b/SPECS/flatpak.spec
index eeba662..366ee6c 100644
--- a/SPECS/flatpak.spec
+++ b/SPECS/flatpak.spec
@@ -1,10 +1,10 @@
-%global flatpak_version 1.0.2
+%global flatpak_version 1.0.9
 %global flatpak_builder_version 1.0.0
 %global ostree_version 2018.8
 
 Name:           flatpak
 Version:        %{flatpak_version}
-Release:        7%{?dist}
+Release:        9%{?dist}
 Summary:        Application deployment framework for desktop apps
 
 License:        LGPLv2+
@@ -21,10 +21,8 @@ Patch0:         no-user-systemd.patch
 Patch1:         flatpak-ostree-bundle.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=1660137
 Patch2:         flatpak-1.0.4-oci-fixes.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=1675435
-Patch3:         flatpak-1.0.2-CVE-2019-5736.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=1700652
-Patch4:         flatpak-1.0.2-CVE-2019-10063.patch
+Patch3:         0001-oci-Handle-cancellations-for-appstream.patch
+Patch4:         0003-update-Fix-OCI-updates-in-the-system-repo.patch
 
 BuildRequires:  pkgconfig(appstream-glib)
 BuildRequires:  pkgconfig(fuse)
@@ -294,6 +292,13 @@ flatpak remote-list --system &> /dev/null || :
 
 
 %changelog
+* Wed Jan 29 2020 Kalev Lember <klember@redhat.com> - 1.0.9-9
+- Backport OCI fixes from upstream
+- Resolves: #1796340
+
+* Fri Sep 20 2019 Kalev Lember <klember@redhat.com> - 1.0.9-8
+- Update to 1.0.9 (#1753591)
+
 * Mon Apr 29 2019 David King <dking@redhat.com> - 1.0.2-7
 - Fix IOCSTI sandbox bypass (#1700652)