diff --git a/.gitignore b/.gitignore
index 5650dd9..e70ab19 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/mariadb-5.5.50.tar.gz
+SOURCES/mariadb-5.5.52.tar.gz
diff --git a/.mariadb.metadata b/.mariadb.metadata
index 674d7db..b97ba17 100644
--- a/.mariadb.metadata
+++ b/.mariadb.metadata
@@ -1 +1 @@
-4bad9d566aae9d96155290bf3690eafe67363b36 SOURCES/mariadb-5.5.50.tar.gz
+bbedcc0eba7580d1ef16f2dfe4868cf9f31a636d SOURCES/mariadb-5.5.52.tar.gz
diff --git a/SOURCES/mariadb-mysql_secure_installation.patch b/SOURCES/mariadb-mysql_secure_installation.patch
new file mode 100644
index 0000000..2ad644e
--- /dev/null
+++ b/SOURCES/mariadb-mysql_secure_installation.patch
@@ -0,0 +1,45 @@
+From a0a93d99939de297863f7060e78e6a0ce7a271a7 Mon Sep 17 00:00:00 2001
+From: Sergei Golubchik <sergii@pisem.net>
+Date: Tue, 18 Nov 2014 22:26:04 +0100
+Subject: [PATCH] MDEV-4399 mysql_secure_installation reports error in
+ find_mysql_client
+
+1. remove find_mysql_client (from a bad merge)
+2. use $mysql_command
+---
+ scripts/mysql_secure_installation.sh | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/scripts/mysql_secure_installation.sh b/scripts/mysql_secure_installation.sh
+index 9e9bce9..8eca327 100644
+--- a/scripts/mysql_secure_installation.sh
++++ b/scripts/mysql_secure_installation.sh
+@@ -182,7 +182,7 @@ else
+ fi
+ 
+ mysql_command=`find_in_basedir mysql $bindir`
+-if test -z "$print_defaults"
++if test -z "$mysql_command"
+ then
+   cannot_find_file mysql $bindir
+   exit 1
+@@ -204,7 +204,7 @@ prepare() {
+ do_query() {
+     echo "$1" >$command
+     #sed 's,^,> ,' < $command  # Debugging
+-    $bindir/mysql --defaults-file=$config <$command
++    $mysql_command --defaults-file=$config <$command
+     return $?
+ }
+ 
+@@ -376,7 +376,6 @@ clean_and_exit() {
+ # The actual script starts here
+ 
+ prepare
+-find_mysql_client
+ set_echo_compat
+ 
+ echo
+-- 
+2.5.5
+
diff --git a/SOURCES/mariadb.tmpfiles.d b/SOURCES/mariadb.tmpfiles.d
index ba59d5b..6b64dd7 100644
--- a/SOURCES/mariadb.tmpfiles.d
+++ b/SOURCES/mariadb.tmpfiles.d
@@ -1 +1,5 @@
+# Do not edit this file; it will be overwritten on upgrades.
+# If you want to override the settings here, you can copy this file
+# to /etc/tmpfiles.d/mariadb.conf and make your changes there.
+
 d /var/run/mariadb 0755 mysql mysql -
diff --git a/SPECS/mariadb.spec b/SPECS/mariadb.spec
index 691a009..73c737d 100644
--- a/SPECS/mariadb.spec
+++ b/SPECS/mariadb.spec
@@ -3,7 +3,7 @@
 %bcond_with tokudb
 
 Name: mariadb
-Version: 5.5.50
+Version: 5.5.52
 Release: 1%{?dist}
 Epoch: 1
 
@@ -51,6 +51,7 @@ Patch11: mariadb-string-overflow.patch
 Patch14: mariadb-basedir.patch
 Patch17: mariadb-covscan-signexpr.patch
 Patch18: mariadb-covscan-stroverflow.patch
+Patch20: mariadb-mysql_secure_installation.patch
 
 BuildRequires: perl, readline-devel, openssl-devel
 BuildRequires: cmake, ncurses-devel, zlib-devel, libaio-devel
@@ -218,6 +219,7 @@ MariaDB is a community developed branch of MySQL.
 %patch14 -p1
 %patch17 -p1
 %patch18 -p1
+%patch20 -p1
 
 # workaround for upstream bug #56342
 rm -f mysql-test/t/ssl_8k_key-master.opt
@@ -269,7 +271,7 @@ CFLAGS=`echo $CFLAGS| sed -e "s|-O2|-O3|g" `
 CXXFLAGS="$CFLAGS"
 export CFLAGS CXXFLAGS
 # building with PIE
-LDFLAGS="$LDFLAGS -pie"
+LDFLAGS="$LDFLAGS -fPIE -pie -Wl,-z,relro,-z,now"
 export LDFLAGS
 
 # The INSTALL_xxx macros have to be specified relative to CMAKE_INSTALL_PREFIX
@@ -573,6 +575,8 @@ fi
 %dir %{_sysconfdir}/my.cnf.d
 %dir %{_libdir}/mysql
 %{_libdir}/mysql/libmysqlclient.so.*
+%{_libdir}/mysql/plugin/dialog.so
+%{_libdir}/mysql/plugin/mysql_clear_password.so
 %{_sysconfdir}/ld.so.conf.d/*
 
 %dir %{_datadir}/mysql
@@ -637,6 +641,8 @@ fi
 
 %{_libdir}/mysql/mysqlbug
 
+%exclude %{_libdir}/mysql/plugin/dialog.so
+%exclude %{_libdir}/mysql/plugin/mysql_clear_password.so
 %{_libdir}/mysql/plugin
 
 %{_mandir}/man1/msql2mysql.1*
@@ -722,9 +728,33 @@ fi
 %{_mandir}/man1/mysql_client_test.1*
 
 %changelog
+* Wed Sep 21 2016 Honza Horak <hhorak@redhat.com> - 5.5.52-1
+- Rebase to 5.5.52, that also include fix for CVE-2016-6662
+  Resolves: #1377974
+
+* Wed Aug 24 2016 Jakub Dorňák <jdornak@redhat.com> - 1:5.5.50-2
+- Rebuild
+  Related: #1359629
+
 * Mon Jul 25 2016 Jakub Dorňák <jdornak@redhat.com> - 1:5.5.50-1
 - Rebase to 5.5.50
-  Resolves: #1359628
+  Resolves: #1359629
+
+* Thu Jul 07 2016 Honza Horak <hhorak@redhat.com> - 1:5.5.47-5
+- Use full relro instead of just pie
+  Resolves: #1335863
+
+* Mon May 09 2016 Honza Horak <hhorak@redhat.com> - 1:5.5.47-4
+- dialog.so and mysql_clear_password.so should be in mariadb-libs package
+  Resolves: #1138843
+
+* Tue Apr 26 2016 Jakub Dorňák <jdornak@redhat.com> - 1:5.5.47-3
+- Fixed mysql_secure_installation
+  Resolves: #1186040
+
+* Thu Feb 18 2016 Jakub Dorňák <jdornak@redhat.com> - 1:5.5.47-2
+- Add warning to /usr/lib/tmpfiles.d/mariadb.conf
+  Resolves: #1241623
 
 * Wed Feb  3 2016 Jakub Dorňák <jdornak@redhat.com> - 1:5.5.47-1
 - Rebase to 5.5.47
@@ -734,7 +764,7 @@ fi
   CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597 CVE-2016-0598
   CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609 CVE-2016-0616
   CVE-2016-2047
-  Resolves: #1304515
+  Resolves: #1300621
 
 * Thu Jan 21 2016 Jakub Dorňák <jdornak@redhat.com> - 1:5.5.44-3
 - MDEV-8827 Duplicate key with auto increment