diff --git a/SOURCES/rpm-4.14.3-preserve-kmod-secure-boot-signature.patch b/SOURCES/rpm-4.14.3-preserve-kmod-secure-boot-signature.patch
deleted file mode 100644
index c85d990..0000000
--- a/SOURCES/rpm-4.14.3-preserve-kmod-secure-boot-signature.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-commit cfdb8300f6e3aed0abc41406a3c4737eb1192067
-Author: Michal Domonkos <mdomonko@redhat.com>
-Date: Sun Jul 11 18:08:26 2021 +0200
-
- Don't brp-strip .ko files
-
- Otherwise SecureBoot signatures may be stripped too.
-
- We used to exclude shared libraries from this strip as they were
- supposed to be covered by another brp script (brp-strip-shared), however
- it turned out the latter was never really used, so we removed the
- exclusion in commit 0ab151ab138fd4fb6d3176fd0270d9cc6f4623f3.
-
- As it turns out, that was a little too ambitious, since we may now
- inadvertently strip SecureBoot signatures from kernel modules too,
- provided that they're made during the build, prior to the invocation of
- brp-strip.
-
- Note that this regression currently does *not* affect the following two
- cases on Fedora/RHEL systems with redhat-rpm-config installed:
-
- - in-tree kernel modules; these are built from kernel.spec which
- already contains a hack ensuring that module signing only happens
- *after* any stripping (see %__modsign_install_post in kernel.spec)
-
- - out-of-tree kernel modules built with debuginfo enabled; this is
- because brp-strip is only called when %debug_package is set to
- %{nil}
-
- Any other combinations may be affected, depending on the macros and
- .spec files used, so let's fix this by effectively "reverting" said
- commit for .ko files only.
-
- Fixes: rhbz#1967291
-
- Backported into 4.14.3
-diff -up rpm-4.14.3/scripts/brp-strip.orig rpm-4.14.3/scripts/brp-strip
---- rpm-4.14.3/scripts/brp-strip.orig 2021-07-12 17:21:04.446396789 +0200
-+++ rpm-4.14.3/scripts/brp-strip 2021-07-12 17:21:20.673633783 +0200
-@@ -12,7 +12,7 @@ Darwin*) exit 0 ;;
- esac
-
- # Strip ELF binaries
--for f in `find "$RPM_BUILD_ROOT" -type f -exec file {} \; | \
-+for f in `find "$RPM_BUILD_ROOT" -type f \! -name "*.ko" -exec file {} \; | \
- grep -v "^${RPM_BUILD_ROOT}/\?usr/lib/debug" | \
- sed -n -e 's/^\(.*\):[ ]*ELF.*, not stripped.*/\1/p'`; do
- $STRIP -g "$f" || :
diff --git a/SPECS/rpm.spec b/SPECS/rpm.spec
index 948e0e7..2bbaa61 100644
--- a/SPECS/rpm.spec
+++ b/SPECS/rpm.spec
@@ -32,7 +32,7 @@
%global rpmver 4.14.3
#global snapver rc2
-%global rel 18
+%global rel 19
%global srcver %{version}%{?snapver:-%{snapver}}
%global srcdir %{?snapver:testing}%{!?snapver:%{name}-%(echo %{version} | cut -d'.' -f1-2).x}
@@ -106,7 +106,6 @@ Patch151: 0001-Unblock-signals-in-forked-scriptlets.patch
Patch152: rpm-4.14.3-fix-ambiguous-diagnostics-on-file-triggers.patch
Patch153: rpm-4.14.3-ELF-files-strip-when-debuginfo-disabled.patch
Patch154: rpm-4.14.3-more-careful-sig-hdr-copy.patch
-Patch155: rpm-4.14.3-preserve-kmod-secure-boot-signature.patch
Patch156: rpm-4.14.3-hdrblobInit-add-bounds-check.patch
Patch157: rpm-4.14.3-add-read-only-support-for-sqlite.patch
Patch158: rpm-4.14.3-imp-covscan-fixes.patch
@@ -690,6 +689,9 @@ make check || cat tests/rpmtests.log
%doc doc/librpm/html/*
%changelog
+* Wed Oct 06 2021 Michal Domonkos <mdomonko@redhat.com> - 4.14.3-19
+- Unbreak in-tree kmod strip by reverting brp-strip fix (#1967291)
+
* Thu Aug 26 2021 Michal Domonkos <mdomonko@redhat.com> - 4.14.3-18
- Address important covscan issues (#1996665), vol. 2