diff --git a/SOURCES/00320-CVE-2019-9636.patch b/SOURCES/00320-CVE-2019-9636.patch index ffc9620..98ca651 100644 --- a/SOURCES/00320-CVE-2019-9636.patch +++ b/SOURCES/00320-CVE-2019-9636.patch @@ -42,7 +42,7 @@ index 40098d0..1b3d4e3 100644 .. function:: urlunsplit(parts) diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py -index 0552f90..d425b47 100644 +index 0552f90..06c29da 100644 --- a/Lib/test/test_urlparse.py +++ b/Lib/test/test_urlparse.py @@ -1,3 +1,5 @@ @@ -51,7 +51,7 @@ index 0552f90..d425b47 100644 import unittest import urllib.parse -@@ -910,6 +912,27 @@ class UrlParseTestCase(unittest.TestCase): +@@ -910,6 +912,33 @@ class UrlParseTestCase(unittest.TestCase): expected.append(name) self.assertCountEqual(urllib.parse.__all__, expected) @@ -70,6 +70,12 @@ index 0552f90..d425b47 100644 + self.assertIn('\u2100', denorm_chars) + self.assertIn('\uFF03', denorm_chars) + ++ # bpo-36742: Verify port separators are ignored when they ++ # existed prior to decomposition ++ urllib.parse.urlsplit('http://\u30d5\u309a:80') ++ with self.assertRaises(ValueError): ++ urllib.parse.urlsplit('http://\u30d5\u309a\ufe1380') ++ + for scheme in ["http", "https", "ftp"]: + for c in denorm_chars: + url = "{}://netloc{}false.netloc/path".format(scheme, c) @@ -80,10 +86,10 @@ index 0552f90..d425b47 100644 class Utility_Tests(unittest.TestCase): """Testcase to test the various utility functions in the urllib.""" diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py -index 01c9e58..6e88195 100644 +index 01c9e58..c449b3c 100644 --- a/Lib/urllib/parse.py +++ b/Lib/urllib/parse.py -@@ -318,6 +318,21 @@ def _splitnetloc(url, start=0): +@@ -318,6 +318,24 @@ def _splitnetloc(url, start=0): delim = min(delim, wdelim) # use earliest delim position return url[start:delim], url[delim:] # return (domain, rest) 
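Review bot: The positive case added under the bpo-36742 comment only checks that `urllib.parse.urlsplit('http://\u30d5\u309a:80')` does not raise; the result is discarded, so a regression that silently drops or mangles the host or port would still pass. Pin the parse, e.g. `result = urllib.parse.urlsplit('http://\u30d5\u309a:80')` followed by `self.assertEqual(result.port, 80)` and `self.assertEqual(result.netloc, '\u30d5\u309a:80')`. The negative case with `\ufe13` is fine as written. The enclosing test method begins and ends outside this hunk.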
@@ -93,19 +99,22 @@ index 01c9e58..6e88195 100644 + # looking for characters like \u2100 that expand to 'a/c' + # IDNA uses NFKC equivalence, so normalize for this check + import unicodedata -+ netloc2 = unicodedata.normalize('NFKC', netloc) -+ if netloc == netloc2: ++ n = netloc.rpartition('@')[2] # ignore anything to the left of '@' ++ n = n.replace(':', '') # ignore characters already included ++ n = n.replace('#', '') # but not the surrounding text ++ n = n.replace('?', '') ++ netloc2 = unicodedata.normalize('NFKC', n) ++ if n == netloc2: + return -+ _, _, netloc = netloc.rpartition('@') # anything to the left of '@' is okay + for c in '/?#@:': + if c in netloc2: -+ raise ValueError("netloc '" + netloc2 + "' contains invalid " + ++ raise ValueError("netloc '" + netloc + "' contains invalid " + + "characters under NFKC normalization") + def urlsplit(url, scheme='', allow_fragments=True): """Parse a URL into 5 components: :///?# -@@ -347,6 +362,7 @@ def urlsplit(url, scheme='', allow_fragments=True): +@@ -347,6 +365,7 @@ def urlsplit(url, scheme='', allow_fragments=True): url, fragment = url.split('#', 1) if '?' in url: url, query = url.split('?', 1) @@ -113,7 +122,7 @@ index 01c9e58..6e88195 100644 v = SplitResult(scheme, netloc, url, query, fragment) _parse_cache[key] = v return _coerce_result(v) -@@ -370,6 +386,7 @@ def urlsplit(url, scheme='', allow_fragments=True): +@@ -370,6 +389,7 @@ def urlsplit(url, scheme='', allow_fragments=True): url, fragment = url.split('#', 1) if '?' in url: url, query = url.split('?', 1) diff --git a/SPECS/python.spec b/SPECS/python.spec index 5386cd5..941b3b2 100644 --- a/SPECS/python.spec +++ b/SPECS/python.spec @@ -146,7 +146,7 @@ Summary: Version 3 of the Python programming language aka Python 3000 Name: %{?scl_prefix}python Version: %{pybasever}.1 -Release: 12%{?dist} +Release: 13%{?dist} License: Python Group: Development/Languages 
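Review bot: The new comparison in `_checknetloc` starts from `n = netloc.rpartition('@')[2]`, so any user-info segment left of the last literal `@` is excluded from the NFKC check; a character in that segment that normalizes to one of `/?#@:` is therefore never rejected, and a consumer that normalizes the full netloc could see a second `@` and split the authority differently from this parser. The three `replace()` calls already strip separators that exist before normalization while keeping the surrounding text in the comparison, and giving `@` the same treatment, `n = netloc.replace('@', '')`, keeps the user-info under the check without re-triggering the port-separator false positive this hunk fixes. The raised message now interpolates the original `netloc` rather than the normalized `netloc2`, which is more useful for diagnosis, though it means the raw input is reflected into the exception text. The `def _checknetloc` line and its early-return guard precede this hunk.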
@@ -737,7 +737,7 @@ Patch300: 00300-change-so-version-scl.patch # 00320 # # Security fix for CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization -# FIXED UPSTREAM: https://bugs.python.org/issue36216 +# FIXED UPSTREAM: https://bugs.python.org/issue36216 and and https://bugs.python.org/issue36742 # Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1689322 Patch320: 00320-CVE-2019-9636.patch @@ -2002,6 +2002,10 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Fri May 10 2019 Charalampos Stratakis - 3.5.1-13 +- Updated fix for CVE-2019-9636 +Resolves: rhbz#1709331 + * Tue Apr 09 2019 Tomas Orsava - 3.5.1-12 - Security fix for CVE-2019-9636 Resolves: rhbz#1689319
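Review bot: The updated FIXED UPSTREAM comment in the patch description contains a doubled conjunction, `issue36216 and and https://bugs.python.org/issue36742`. Change the new line to `# FIXED UPSTREAM: https://bugs.python.org/issue36216 and https://bugs.python.org/issue36742`.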