diff --git a/.gitignore b/.gitignore
index 2c7cf09..a65a0e4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/pki-11.0.5.tar.gz
+SOURCES/pki-11.0.6.tar.gz
diff --git a/.pki-core.metadata b/.pki-core.metadata
index 3605f88..d65b6e2 100644
--- a/.pki-core.metadata
+++ b/.pki-core.metadata
@@ -1 +1 @@
-ff598a9bd7cab3a5cf7b08855d17a0e4a73c0c59 SOURCES/pki-11.0.5.tar.gz
+e55d4ac4a14d3a2dc17546b47543cdd6fcef9b36 SOURCES/pki-11.0.6.tar.gz
diff --git a/SPECS/pki-core.spec b/SPECS/pki-core.spec
index b9b6c89..b087e29 100644
--- a/SPECS/pki-core.spec
+++ b/SPECS/pki-core.spec
@@ -15,8 +15,8 @@ License:          GPLv2 and LGPLv2
 
 # For development (i.e. unsupported) releases, use x.y.z-0.n.<phase>.
 # For official (i.e. supported) releases, use x.y.z-r where r >=1.
-Version:          11.0.5
-Release:          1%{?_timestamp}%{?_commit_id}%{?dist}
+Version:          11.0.6
+Release:          2%{?_timestamp}%{?_commit_id}%{?dist}
 #global           _phase -alpha1
 
 # To create a tarball from a version tag:
@@ -62,9 +62,15 @@ ExcludeArch: i686
 # Java
 ################################################################################
 
+%if 0%{?fedora} && 0%{?fedora} >= 36
+%define java_devel java-17-openjdk-devel
+%define java_headless java-17-openjdk-headless
+%define java_home %{_jvmdir}/jre-17-openjdk
+%else
 %define java_devel java-11-openjdk-devel
 %define java_headless java-11-openjdk-headless
 %define java_home %{_jvmdir}/jre-11-openjdk
+%endif
 
 ################################################################################
 # RESTEasy
@@ -1369,6 +1375,9 @@ fi
 
 ################################################################################
 %changelog
+* Fri Sep 30 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.6-1
+- Bug #2107335 - CVE-2022-2414 pki-core: access to external entities when parsing XML can lead to XXE [rhel-9.0.0.z]
+
 * Fri May 06 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.5-1
 - Bug #2070907 - Drop SHA-1 use from authentication challenges [rhel-9.1.0] [rhel-9.0.0.z]