diff --git a/SPECS/krb5.spec b/SPECS/krb5.spec
index dfe6d1d..277654d 100644
--- a/SPECS/krb5.spec
+++ b/SPECS/krb5.spec
@@ -42,7 +42,7 @@
 Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.19.1
-Release: %{?zdpd}12%{?dist}
+Release: %{?zdpd}13%{?dist}
 
 # rharwood has trust path to signing key and verifies on check-in
 Source0: https://web.mit.edu/kerberos/dist/krb5/%{version}/krb5-%{version}%{?dashpre}.tar.gz
@@ -427,14 +427,9 @@ install -pdm 755 $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/authdata
 # list of link flags, and it helps prevent file conflicts on multilib systems.
 sed -r -i -e 's|^libdir=/usr/lib(64)?$|libdir=/usr/lib|g' $RPM_BUILD_ROOT%{_bindir}/krb5-config
 
-# Temporay workaround for krb5-config reading too much from LDFLAGS.
-# Upstream: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8159
-sed -r -i -e "s/-specs=\/.+?\/redhat-hardened-ld//g" $RPM_BUILD_ROOT%{_bindir}/krb5-config
-
-if [[ "$(< $RPM_BUILD_ROOT%{_bindir}/krb5-config )" == *redhat-hardened-ld* ]] ; then
-    printf '# redhat-hardened-ld for krb5-config failed' 1>&2
-    exit 1
-fi
+# Workaround for krb5-config reading too much from LDFLAGS.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1997021
+sed -r -i -e "s/-specs=[^ ]*//g" $RPM_BUILD_ROOT%{_bindir}/krb5-config
 
 # Install processed man pages.
 for section in 1 5 8 ; do
@@ -651,6 +646,10 @@ exit 0
 %{_libdir}/libkadm5srv_mit.so.*
 
 %changelog
+* Fri Dec 17 2021 Antonio Torres <antorres@redhat.com> - 1.19.1-13
+- Remove -specs= from krb5-config output
+- Resolves #1997021
+
 * Wed Oct 20 2021 Antonio Torres <antorres@redhat.com> - 1.19.1-12
 - Fix KDC null deref on TGS inner body null server (CVE-2021-37750)
 - Resolves: #1997602