diff --git a/SOURCES/openvswitch-3.1.0.patch b/SOURCES/openvswitch-3.1.0.patch
index 860eccb..5dc986e 100644
--- a/SOURCES/openvswitch-3.1.0.patch
+++ b/SOURCES/openvswitch-3.1.0.patch
@@ -12,18 +12,24 @@ index b59b7634f..d13895655 100644
  
  This action was added in Open vSwitch 2.14.
 diff --git a/NEWS b/NEWS
-index 37a01dea5..58a52120b 100644
+index 37a01dea5..e59f9530b 100644
 --- a/NEWS
 +++ b/NEWS
-@@ -1,3 +1,6 @@
-+v3.1.1 - xx xxx xxxx
+@@ -1,3 +1,12 @@
++v3.1.2 - xx xxx xxxx
 +--------------------
 +
++v3.1.1 - 06 Apr 2023
++--------------------
++   - Bug fixes
++   - Security:
++     * Fixed vulnerability CVE-2023-1668.
++
  v3.1.0 - 16 Feb 2023
  --------------------
     - ovs-vswitchd now detects changes in CPU affinity and adjusts the number
 diff --git a/configure.ac b/configure.ac
-index 9bf896c01..dea3b6f0b 100644
+index 9bf896c01..78a7ae31a 100644
 --- a/configure.ac
 +++ b/configure.ac
 @@ -13,7 +13,7 @@
@@ -31,20 +37,26 @@ index 9bf896c01..dea3b6f0b 100644
  
  AC_PREREQ(2.63)
 -AC_INIT(openvswitch, 3.1.0, bugs@openvswitch.org)
-+AC_INIT(openvswitch, 3.1.1, bugs@openvswitch.org)
++AC_INIT(openvswitch, 3.1.2, bugs@openvswitch.org)
  AC_CONFIG_SRCDIR([vswitchd/ovs-vswitchd.c])
  AC_CONFIG_MACRO_DIR([m4])
  AC_CONFIG_AUX_DIR([build-aux])
 diff --git a/debian/changelog b/debian/changelog
-index a5ad222c4..83cc8e010 100644
+index a5ad222c4..4663a2c29 100644
 --- a/debian/changelog
 +++ b/debian/changelog
-@@ -1,3 +1,9 @@
+@@ -1,3 +1,15 @@
++openvswitch (3.1.2-1) unstable; urgency=low
++   [ Open vSwitch team ]
++   * New upstream version
++
++ -- Open vSwitch team <dev@openvswitch.org>  Thu, 06 Apr 2023 15:10:30 +0200
++
 +openvswitch (3.1.1-1) unstable; urgency=low
 +   [ Open vSwitch team ]
 +   * New upstream version
 +
-+ -- Open vSwitch team <dev@openvswitch.org>  Thu, 16 Feb 2023 13:52:24 +0100
++ -- Open vSwitch team <dev@openvswitch.org>  Thu, 06 Apr 2023 15:10:30 +0200
 +
  openvswitch (3.1.0-1) unstable; urgency=low
  
@@ -124,6 +136,26 @@ index 0a89626cc..18dbfc83a 100644
      return NULL;
  }
  
+diff --git a/lib/conntrack-tp.h b/lib/conntrack-tp.h
+index 4d411d19f..7ece2eae2 100644
+--- a/lib/conntrack-tp.h
++++ b/lib/conntrack-tp.h
+@@ -17,8 +17,15 @@
+ #ifndef CONNTRACK_TP_H
+ #define CONNTRACK_TP_H 1
+ 
++#include <stdint.h>
++
+ #define CT_DPIF_NETDEV_TP_MIN 30
++
+ enum ct_timeout;
++struct conn;
++struct conntrack;
++struct timeout_policy;
++
+ void timeout_policy_init(struct conntrack *ct);
+ int timeout_policy_update(struct conntrack *ct, struct timeout_policy *tp);
+ int timeout_policy_delete(struct conntrack *ct, uint32_t tp_id);
 diff --git a/lib/conntrack.c b/lib/conntrack.c
 index 524670e45..8cf7779c6 100644
 --- a/lib/conntrack.c
@@ -1907,6 +1939,28 @@ index eabec18a3..3ce4e82ec 100644
      open_vconn(ctx->argv[1], &vconn);
      enum ofp_version version = vconn_get_version(vconn);
      struct ofpbuf *msg = ofp_ct_match_encode(&match, pzone, version);
+diff --git a/utilities/ovs-tcpdump.in b/utilities/ovs-tcpdump.in
+index a49ec9f94..420c11eb8 100755
+--- a/utilities/ovs-tcpdump.in
++++ b/utilities/ovs-tcpdump.in
+@@ -538,6 +538,17 @@ def main():
+             print(data.decode('utf-8'))
+         raise KeyboardInterrupt
+     except KeyboardInterrupt:
++        # If there is a pipe behind ovs-tcpdump (such as ovs-tcpdump
++        # -i eth0 | grep "192.168.1.1"), the pipe is no longer available
++        # after received Ctrl+C.
++        # If we write data to an unavailable pipe, a pipe error will be
++        # reported, so we turn off stdout to avoid subsequent flushing
++        # of data into the pipe.
++        try:
++            sys.stdout.close()
++        except IOError:
++            pass
++
+         if pipes.poll() is None:
+             pipes.terminate()
+ 
 diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c
 index bfb2adef1..0deca14b9 100644
 --- a/vswitchd/bridge.c
diff --git a/SPECS/openvswitch3.1.spec b/SPECS/openvswitch3.1.spec
index ff7401f..290f200 100644
--- a/SPECS/openvswitch3.1.spec
+++ b/SPECS/openvswitch3.1.spec
@@ -57,7 +57,7 @@ Summary: Open vSwitch
 Group: System Environment/Daemons daemon/database/utilities
 URL: http://www.openvswitch.org/
 Version: 3.1.0
-Release: 14%{?dist}
+Release: 17%{?dist}
 
 # Nearly all of openvswitch is ASL 2.0.  The bugtool is LGPLv2+, and the
 # lib/sflow*.[ch] files are SISSL
@@ -751,6 +751,26 @@ exit 0
 %endif
 
 %changelog
+* Tue Apr 11 2023 Open vSwitch CI <ovs-ci@redhat.com> - 3.1.0-17
+- Merging upstream branch-3.1 [RH git: 6064fd8c48]
+    Commit list:
+    771c989a9a ovs-tcpdump: Stdout is shutdown before ovs-tcpdump exit.
+
+
+* Thu Apr 06 2023 Open vSwitch CI <ovs-ci@redhat.com> - 3.1.0-16
+- Merging upstream branch-3.1 [RH git: 00ae3eef99]
+    Commit list:
+    8ac6375cac Prepare for 3.1.2.
+    0187eadfce Set release date for 3.1.1.
+
+
+* Thu Apr 06 2023 Open vSwitch CI <ovs-ci@redhat.com> - 3.1.0-15
+- Merging upstream branch-3.1 [RH git: 153731ce46]
+    Commit list:
+    61b39d8c47 ofproto-dpif-xlate: Always mask ip proto field. (#2134873)
+    8019b5896e conntrack-tp: Fix clang warning.
+
+
 * Tue Apr 04 2023 Timothy Redaelli <tredaelli@redhat.com> - 3.1.0-14
 - ofproto-dpif-xlate: Always mask ip proto field. [RH git: 492e7e5f38] (#2134873)
     The ofproto layer currently treats nw_proto field as overloaded to mean