diff --git a/.gitignore b/.gitignore
index 4b55ce3..741887b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,3 +30,4 @@ noarch/
/mstflint-4.13.1-1.tar.gz
/mstflint-4.13.3-1.tar.gz
/mstflint-4.13.3-2.tar.gz
+/mstflint-4.14.0-1.tar.gz
diff --git a/0001-Fix-a-format-security-compilation-defect.patch b/0001-Fix-a-format-security-compilation-defect.patch
new file mode 100644
index 0000000..2612b3c
--- /dev/null
+++ b/0001-Fix-a-format-security-compilation-defect.patch
@@ -0,0 +1,45 @@
+From 28dfbf252a31b4e8c1d0f5e038f6889b7eadfc16 Mon Sep 17 00:00:00 2001
+From: Honggang Li <honli@redhat.com>
+Date: Wed, 1 Apr 2020 10:52:12 +0800
+Subject: [PATCH] Fix a format security compilation defect
+
+subcommands.cpp:1852:42: error: format not a string literal and no format arguments [-Werror=format-security]
+1852 | false, "N/A").c_str());
+
+Signed-off-by: Honggang Li <honli@redhat.com>
+---
+ flint/subcommands.cpp | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/flint/subcommands.cpp b/flint/subcommands.cpp
+index 7230f9a59f94..0f6440be7b28 100755
+--- a/flint/subcommands.cpp
++++ b/flint/subcommands.cpp
+@@ -1847,7 +1847,7 @@ bool BurnSubCommand::checkFwVersion(bool CreateFromImgInfo, u_int16_t fw_ver0, u
+ char curr_ver[124], new_ver[124];
+ printf("\n");
+ printf(" Current FW version on flash: ");
+- snprintf(curr_ver, 124,
++ snprintf(curr_ver, 124, "%s",
+ current.get_fw_version(VERSION_FORMAT(_devInfo.fw_info.fw_ver[1]),
+ false, "N/A").c_str());
+
+@@ -1856,13 +1856,13 @@ bool BurnSubCommand::checkFwVersion(bool CreateFromImgInfo, u_int16_t fw_ver0, u
+
+ printf(" New FW version: ");
+ if (CreateFromImgInfo) {
+- snprintf(new_ver, 124,
++ snprintf(new_ver, 124, "%s",
+ new_version.get_fw_version(
+ VERSION_FORMAT(_imgInfo.fw_info.fw_ver[1]), false,
+ "N/A").c_str());
+ }
+ else {
+- snprintf(new_ver, 124,
++ snprintf(new_ver, 124, "%s",
+ new_version.get_fw_version(VERSION_FORMAT(fw_ver1), false,
+ "N/A").c_str());
+ }
+--
+2.25.1
+
diff --git a/mstflint.spec b/mstflint.spec
index 9f3d238..f457ce4 100644
--- a/mstflint.spec
+++ b/mstflint.spec
@@ -2,14 +2,15 @@
Name: mstflint
Summary: Mellanox firmware burning tool
-Version: 4.13.3
-Release: 3%{?dist}
+Version: 4.14.0
+Release: 1%{?dist}
License: GPLv2+ or BSD
Group: Applications/System
-Source: https://github.com/Mellanox/mstflint/releases/download/v4.13.3-2/mstflint-4.13.3-2.tar.gz
+Source: https://github.com/Mellanox/mstflint/releases/download/v4.14.0-1/mstflint-4.14.0-1.tar.gz
Patch3: extend-buffer.patch
Patch4: add-default-link-flags-for-shared-libraries.patch
Patch6: replace-mlxfwreset-with-mstfwreset-in-mstflint-message.patch
+Patch7: 0001-Fix-a-format-security-compilation-defect.patch
Url: https://github.com/Mellanox/mstflint
BuildRequires: libstdc++-devel, zlib-devel, libibmad-devel, gcc-c++, gcc
BuildRequires: libcurl-devel, boost-devel, libxml2-devel, openssl-devel
@@ -29,6 +30,7 @@ for network adapters based on Mellanox Technologies chips.
%patch3 -p1
%patch4 -p1
%patch6 -p1
+%patch7 -p1
find . -type f -iname '*.[ch]' -exec chmod a-x '{}' ';'
find . -type f -iname '*.cpp' -exec chmod a-x '{}' ';'
@@ -56,6 +58,9 @@ find %{buildroot} -type f -name '*.a' -delete
%{_mandir}/man1/*
%changelog
+* Tue Mar 31 2020 Honggang Li <honli@redhat.com> - 4.14.0-1
+- Rebase mstflint to latest upstream release v4.14.0-1
+
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 4.13.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
diff --git a/sources b/sources
index 7292f47..47d9680 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (mstflint-4.13.3-2.tar.gz) = 3e0496806d07af1c93f69e1ff609bf3b2d1e92e861f322e4942cd2cfa34caf46f2c2f9fdd62308cc070ad634defd12084a327b58a4e0303a34abe7403a98b151
+SHA512 (mstflint-4.14.0-1.tar.gz) = 965b25141d1b960bb575fc9fb089e912b0408af72919d23f295c6a8e8650c95c9459cb496171dca7f818252a180bd85bee8ed0f876159279013828478a0c2101