diff --git a/SOURCES/skopeo-CVE-2019-10214.patch b/SOURCES/skopeo-CVE-2019-10214.patch
deleted file mode 100644
index 8450aaf..0000000
--- a/SOURCES/skopeo-CVE-2019-10214.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff -up ./skopeo-1715c9084124875cb71f006916396e3c7d03014e/vendor/github.com/containers/image/docker/docker_client.go.CVE-2019-10214 ./skopeo-1715c9084124875cb71f006916396e3c7d03014e/vendor/github.com/containers/image/docker/docker_client.go
---- ./skopeo-1715c9084124875cb71f006916396e3c7d03014e/vendor/github.com/containers/image/docker/docker_client.go.CVE-2019-10214	2019-09-12 15:41:30.949477994 +0200
-+++ ./skopeo-1715c9084124875cb71f006916396e3c7d03014e/vendor/github.com/containers/image/docker/docker_client.go	2019-09-12 15:41:30.950478007 +0200
-@@ -480,11 +480,7 @@ func (c *dockerClient) getBearerToken(ct
- 		authReq.SetBasicAuth(c.username, c.password)
- 	}
- 	logrus.Debugf("%s %s", authReq.Method, authReq.URL.String())
--	tr := tlsclientconfig.NewTransport()
--	// TODO(runcom): insecure for now to contact the external token service
--	tr.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
--	client := &http.Client{Transport: tr}
--	res, err := client.Do(authReq)
-+	res, err := c.client.Do(authReq)
- 	if err != nil {
- 		return nil, err
- 	}
diff --git a/SPECS/skopeo.spec b/SPECS/skopeo.spec
index fed3152..d0fb776 100644
--- a/SPECS/skopeo.spec
+++ b/SPECS/skopeo.spec
@@ -31,7 +31,7 @@ ExcludeArch: ppc64 %{ix86}
 Name: %{repo}
 Epoch: 1
 Version: 0.1.32
-Release: 6.git%{shortcommit0}%{?dist}
+Release: 4.git%{shortcommit0}%{?dist}
 Summary: Inspect Docker images and repositories on registries
 License: ASL 2.0
 URL: %{git0}
@@ -43,7 +43,6 @@ Source4: registries.conf.5.md
 Source5: registries.conf
 Source6: policy.json.5.md
 Source7: seccomp.json
-Patch0: skopeo-CVE-2019-10214.patch
 BuildRequires: git
 # If go_compiler is not set to 1, there is no virtual provide. Use golang instead.
 BuildRequires: %{?go_compiler:compiler(go-compiler)}%{!?go_compiler:golang}
@@ -74,10 +73,7 @@ This package installs a default signature store configuration and a default
 policy under `/etc/containers/`.
 
 %prep
-%setup -q -n %{name}-%{commit0}
-
-# fix CVE-2019-10214
-%patch0 -p2
+%autosetup -Sgit -n %{name}-%{commit0}
 
 %build
 mkdir -p src/github.com/containers
@@ -112,7 +108,7 @@ install -m0644 %{SOURCE3} %{buildroot}%{_datadir}/containers/mounts.conf
 install -m0644 %{SOURCE7} %{buildroot}%{_datadir}/containers/seccomp.json
 
 # install secrets patch directory
-install -d -p -m 755 %{buildroot}/%{_datadir}/rhel/secrets
+install -d -p -m 750 %{buildroot}/%{_datadir}/rhel/secrets
 # rhbz#1110876 - update symlinks for subscription management
 ln -s %{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pki-entitlement
 ln -s %{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm
@@ -154,16 +150,9 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath}
 %{_datadir}/bash-completion/completions/%{name}
 
 %changelog
-* Tue Nov 26 2019 Jindrich Novy <jnovy@redhat.com> - 1:0.1.32-6.git1715c90
+* Thu Nov 28 2019 Jindrich Novy <jnovy@redhat.com> - 1:0.1.32-4.git1715c90
 - rebuild because of CVE-2019-9512 and CVE-2019-9514
-- Resolves: #1772129, #1772134
-
-* Thu Sep 12 2019 Jindrich Novy <jnovy@redhat.com> - 1:0.1.32-5.git1715c90
-- Fix CVE-2019-10214 (#1734658).
-
-* Fri Aug 16 2019 Jindrich Novy <jnovy@redhat.com> - 1:0.1.32-4.git1715c90
-- fix permissions of rhel/secrets
-  Resolves: #1691543
+- Resolves: #1772130, #1772135
 
 * Tue Dec 18 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 1:0.1.32-3.git1715c90
 - rebase