diff --git a/.gitignore b/.gitignore
index bb3b302..d5eca14 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/librepo-1.12.0.tar.gz
+SOURCES/librepo-1.14.0.tar.gz
diff --git a/.librepo.metadata b/.librepo.metadata
index 7d9c0bf..fcd9ed5 100644
--- a/.librepo.metadata
+++ b/.librepo.metadata
@@ -1 +1 @@
-1981d485743337c93d2b098920e5f738bd41fdc9 SOURCES/librepo-1.12.0.tar.gz
+b09cf9ac3751e3c513e1c30a527d1a5e460853b7 SOURCES/librepo-1.14.0.tar.gz
diff --git a/SOURCES/0001-Validate-path-read-from-repomd.xml-RhBug-1866498.patch b/SOURCES/0001-Validate-path-read-from-repomd.xml-RhBug-1866498.patch
deleted file mode 100644
index aeb2858..0000000
--- a/SOURCES/0001-Validate-path-read-from-repomd.xml-RhBug-1866498.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 699d3ee7b8968b5586ceb53e07d678e702735609 Mon Sep 17 00:00:00 2001
-From: Jaroslav Rohel <jrohel@redhat.com>
-Date: Wed, 12 Aug 2020 08:35:28 +0200
-Subject: [PATCH] Validate path read from repomd.xml
-
----
- librepo/yum.c | 17 +++++++++++++++++
- 1 file changed, 17 insertions(+)
-
-diff --git a/librepo/yum.c b/librepo/yum.c
-index 3059188..529257b 100644
---- a/librepo/yum.c
-+++ b/librepo/yum.c
-@@ -23,6 +23,7 @@
- #define  BITS_IN_BYTE 8
- 
- #include <stdio.h>
-+#include <libgen.h>
- #include <assert.h>
- #include <stdlib.h>
- #include <errno.h>
-@@ -770,6 +771,22 @@ prepare_repo_download_targets(LrHandle *handle,
-             continue;
- 
-         char *location_href = record->location_href;
-+
-+        char *dest_dir = realpath(handle->destdir, NULL);
-+        path = lr_pathconcat(handle->destdir, record->location_href, NULL);
-+        char *requested_dir = realpath(dirname(path), NULL);
-+        lr_free(path);
-+        if (!g_str_has_prefix(requested_dir, dest_dir)) {
-+            g_debug("%s: Invalid path: %s", __func__, location_href);
-+            g_set_error(err, LR_YUM_ERROR, LRE_IO, "Invalid path: %s", location_href);
-+            g_slist_free_full(*targets, (GDestroyNotify) lr_downloadtarget_free);
-+            free(requested_dir);
-+            free(dest_dir);
-+            return FALSE;
-+        }
-+        free(requested_dir);
-+        free(dest_dir);
-+
-         gboolean is_zchunk = FALSE;
-         #ifdef WITH_ZCHUNK
-         if (handle->cachedir && record->header_checksum)
--- 
-2.28.0
-
diff --git a/SOURCES/0002-Add-support-for-pkcs11-certificate-and-key-for-repos.patch b/SOURCES/0002-Add-support-for-pkcs11-certificate-and-key-for-repos.patch
deleted file mode 100644
index d4ab6f5..0000000
--- a/SOURCES/0002-Add-support-for-pkcs11-certificate-and-key-for-repos.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 1e7673d07308081f13e7bb1829cfed2ccd865ea0 Mon Sep 17 00:00:00 2001
-From: Masahiro Matsuya <mmatsuya@redhat.com>
-Date: Fri, 13 Nov 2020 17:37:59 +0100
-Subject: [PATCH] Add support for pkcs11 certificate and key for repository
- authorization
-
-msg: Add support for pkcs11 certificate and key for repository authorization
-type: enhancement
-resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1859495
----
- librepo/handle.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/librepo/handle.c b/librepo/handle.c
-index d8728c4..33edf5d 100644
---- a/librepo/handle.c
-+++ b/librepo/handle.c
-@@ -649,6 +649,9 @@ lr_handle_setopt(LrHandle *handle,
-             lr_free(handle->sslclientcert);
-         handle->sslclientcert = g_strdup(va_arg(arg, char *));
-         c_rc = curl_easy_setopt(c_h, CURLOPT_SSLCERT, handle->sslclientcert);
-+        if (c_rc == CURLE_OK && handle->sslclientcert && !strncasecmp(handle->sslclientcert, "pkcs11:", 7)) {
-+            c_rc = curl_easy_setopt(c_h, CURLOPT_SSLCERTTYPE, "ENG");
-+        }
-         break;
- 
-     case LRO_SSLCLIENTKEY:
-@@ -656,6 +659,9 @@ lr_handle_setopt(LrHandle *handle,
-             lr_free(handle->sslclientkey);
-         handle->sslclientkey = g_strdup(va_arg(arg, char *));
-         c_rc = curl_easy_setopt(c_h, CURLOPT_SSLKEY, handle->sslclientkey);
-+        if (c_rc == CURLE_OK && handle->sslclientkey && !strncasecmp(handle->sslclientkey, "pkcs11:", 7)) {
-+            c_rc = curl_easy_setopt(c_h, CURLOPT_SSLKEYTYPE, "ENG");
-+        }
-         break;
- 
-     case LRO_SSLCACERT:
--- 
-2.26.2
-
diff --git a/SPECS/librepo.spec b/SPECS/librepo.spec
index 4ed5503..d2523fa 100644
--- a/SPECS/librepo.spec
+++ b/SPECS/librepo.spec
@@ -1,21 +1,6 @@
-%global libcurl_version 7.28.0
+%global libcurl_version 7.52.0
 
-%if 0%{?rhel} && 0%{?rhel} <= 7
-# Do not build bindings for python3 for RHEL <= 7
-%bcond_with python3
-# python-flask is not in RHEL7
-%bcond_with pythontests
-%else
-%bcond_without python3
-%bcond_without pythontests
-%endif
-
-%if 0%{?rhel} > 7 || 0%{?fedora} > 29
-# Do not build bindings for python2 for RHEL > 7 and Fedora > 29
-%bcond_with python2
-%else
-%bcond_without python2
-%endif
+%undefine __cmake_in_source_build
 
 %if 0%{?rhel}
 %bcond_with zchunk
@@ -26,17 +11,14 @@
 %global dnf_conflict 2.8.8
 
 Name:           librepo
-Version:        1.12.0
-Release:        3%{?dist}
+Version:        1.14.0
+Release:        1%{?dist}
 Summary:        Repodata downloading library
 
 License:        LGPLv2+
 URL:            https://github.com/rpm-software-management/librepo
 Source0:        %{url}/archive/%{version}/%{name}-%{version}.tar.gz
 
-Patch1:         0001-Validate-path-read-from-repomd.xml-RhBug-1866498.patch
-Patch2:         0002-Add-support-for-pkcs11-certificate-and-key-for-repos.patch
-
 BuildRequires:  cmake
 BuildRequires:  gcc
 BuildRequires:  check-devel
@@ -64,48 +46,14 @@ Requires:       %{name}%{?_isa} = %{version}-%{release}
 %description devel
 Development files for librepo.
 
-%if %{with python2}
-%package -n python2-%{name}
-Summary:        Python bindings for the librepo library
-%{?python_provide:%python_provide python2-%{name}}
-%if 0%{?rhel} && 0%{?rhel} <= 7
-BuildRequires:  python-sphinx
-%else
-BuildRequires:  python2-sphinx
-%endif
-BuildRequires:  python2-devel
-%if %{with pythontests}
-BuildRequires:  python2-flask
-BuildRequires:  python2-nose
-BuildRequires:  python2-requests
-%if (0%{?rhel} && 0%{?rhel} <= 7)
-BuildRequires:  pyxattr
-BuildRequires:  pygpgme
-%else
-BuildRequires:  python2-pyxattr
-BuildRequires:  python2-gpg
-%endif
-%endif
-# endif with pythontests
-Requires:       %{name}%{?_isa} = %{version}-%{release}
-Conflicts:      python2-dnf < %{dnf_conflict}
-
-%description -n python2-%{name}
-Python 2 bindings for the librepo library.
-%endif
-
-%if %{with python3}
 %package -n python3-%{name}
 Summary:        Python 3 bindings for the librepo library
 %{?python_provide:%python_provide python3-%{name}}
 BuildRequires:  python3-devel
-%if %{with pythontests}
 BuildRequires:  python3-gpg
 BuildRequires:  python3-flask
-BuildRequires:  python3-nose
 BuildRequires:  python3-pyxattr
 BuildRequires:  python3-requests
-%endif
 BuildRequires:  python3-sphinx
 Requires:       %{name}%{?_isa} = %{version}-%{release}
 # Obsoletes Fedora 27 package
@@ -114,56 +62,19 @@ Conflicts:      python3-dnf < %{dnf_conflict}
 
 %description -n python3-%{name}
 Python 3 bindings for the librepo library.
-%endif
 
 %prep
 %autosetup -p1
 
-mkdir build-py2
-mkdir build-py3
-
 %build
-%if %{with python2}
-pushd build-py2
-  %cmake -DPYTHON_DESIRED:FILEPATH=%{__python2} %{!?with_zchunk:-DWITH_ZCHUNK=OFF} -DENABLE_PYTHON_TESTS=%{?with_pythontests:ON}%{!?with_pythontests:OFF} ..
-  %make_build
-popd
-%endif
-
-%if %{with python3}
-pushd build-py3
-  %cmake -DPYTHON_DESIRED:FILEPATH=%{__python3} %{!?with_zchunk:-DWITH_ZCHUNK=OFF} -DENABLE_PYTHON_TESTS=%{?with_pythontests:ON}%{!?with_pythontests:OFF} ..
-  %make_build
-popd
-%endif
+%cmake %{!?with_zchunk:-DWITH_ZCHUNK=OFF}
+%cmake_build
 
 %check
-%if %{with python2}
-pushd build-py2
-  #ctest -VV
-  make ARGS="-V" test
-popd
-%endif
-
-%if %{with python3}
-pushd build-py3
-  #ctest -VV
-  make ARGS="-V" test
-popd
-%endif
+%ctest
 
 %install
-%if %{with python2}
-pushd build-py2
-  %make_install
-popd
-%endif
-
-%if %{with python3}
-pushd build-py3
-  %make_install
-popd
-%endif
+%cmake_install
 
 %if 0%{?rhel} && 0%{?rhel} <= 7
 %post -p /sbin/ldconfig
@@ -182,17 +93,20 @@ popd
 %{_libdir}/pkgconfig/%{name}.pc
 %{_includedir}/%{name}/
 
-%if %{with python2}
-%files -n python2-%{name}
-%{python2_sitearch}/%{name}/
-%endif
-
-%if %{with python3}
 %files -n python3-%{name}
 %{python3_sitearch}/%{name}/
-%endif
 
 %changelog
+* Fri Apr 30 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.0-1
+- Update to 1.14.0
+- Fix the key string parsing in url_substitution
+- When zchunk enabled and not using HTTP/S protocol, download the whole file (RhBug:1886706)
+- Add an option LRO_SSLVERIFYSTATUS to check TLS certificate revocation status (using OCSP stapling) (RhBug:1814383)
+- Fix: lr_perform() - Avoid 100% CPU usage
+- Add support for working with certificates used with proxy
+- Reposync does not re-download unchanged packages (RhBug:1931904)
+- Fix memory leaks
+
 * Tue Dec 15 2020 Marek Blaha <mblaha@redhat.com> - 1.12.0-3
 - Add support for pkcs11 certificate and key for repository authorization (RhBug:1859495)