diff --git a/.gitignore b/.gitignore
index 48ea2f4..d9972d0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/v1.1.8.tar.gz
+SOURCES/v1.1.12.tar.gz
diff --git a/.slirp4netns.metadata b/.slirp4netns.metadata
index 84c8057..3e8ebbd 100644
--- a/.slirp4netns.metadata
+++ b/.slirp4netns.metadata
@@ -1 +1 @@
-9f7965d1151311e6af4be9d3c0093ff86f1a3e4d SOURCES/v1.1.8.tar.gz
+a64e67f2007fc3869565acb930fd2f7d1616e62f SOURCES/v1.1.12.tar.gz
diff --git a/SOURCES/0001-Replace-deprecated-inet_ntoa-with-safer-inet_ntop.patch b/SOURCES/0001-Replace-deprecated-inet_ntoa-with-safer-inet_ntop.patch
new file mode 100644
index 0000000..a4390aa
--- /dev/null
+++ b/SOURCES/0001-Replace-deprecated-inet_ntoa-with-safer-inet_ntop.patch
@@ -0,0 +1,78 @@
+From 6db5ec8bba65b9eb3bbc0518ad74ed991126320d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
+Date: Tue, 15 Feb 2022 11:46:06 +0400
+Subject: [PATCH] Replace deprecated inet_ntoa with safer inet_ntop
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+inet_ntoa() is a legacy API with MT issues. Use the recommended
+alternative instead. This makes some code checkers happy, and could
+potentially fix issues if other parts of the process were to use
+inet_ntoa() at the same time..
+
+Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+---
+ main.c | 24 ++++++++++++------------
+ 1 file changed, 12 insertions(+), 12 deletions(-)
+
+diff --git a/main.c b/main.c
+index 3bf585924f7c..109dc59eea29 100644
+--- a/main.c
++++ b/main.c
+@@ -336,6 +336,7 @@ static int recvfd(int sock)
+ static int parent(int sock, int ready_fd, int exit_fd, const char *api_socket,
+                   struct slirp4netns_config *cfg, pid_t target_pid)
+ {
++    char str[INET6_ADDRSTRLEN];
+     int rc, tapfd;
+     struct in_addr vdhcp_end = {
+ #define NB_BOOTP_CLIENTS 16
+@@ -351,25 +352,24 @@ static int parent(int sock, int ready_fd, int exit_fd, const char *api_socket,
+     close(sock);
+     printf("Starting slirp\n");
+     printf("* MTU:             %d\n", cfg->mtu);
+-    printf("* Network:         %s\n", inet_ntoa(cfg->vnetwork));
+-    printf("* Netmask:         %s\n", inet_ntoa(cfg->vnetmask));
+-    printf("* Gateway:         %s\n", inet_ntoa(cfg->vhost));
+-    printf("* DNS:             %s\n", inet_ntoa(cfg->vnameserver));
+-    printf("* DHCP begin:      %s\n", inet_ntoa(cfg->vdhcp_start));
+-    printf("* DHCP end:        %s\n", inet_ntoa(vdhcp_end));
+-    printf("* Recommended IP:  %s\n", inet_ntoa(cfg->recommended_vguest));
++    printf("* Network:         %s\n", inet_ntop(AF_INET, &cfg->vnetwork, str, sizeof(str)));
++    printf("* Netmask:         %s\n", inet_ntop(AF_INET, &cfg->vnetmask, str, sizeof(str)));
++    printf("* Gateway:         %s\n", inet_ntop(AF_INET, &cfg->vhost, str, sizeof(str)));
++    printf("* DNS:             %s\n", inet_ntop(AF_INET, &cfg->vnameserver, str, sizeof(str)));
++    printf("* DHCP begin:      %s\n", inet_ntop(AF_INET, &cfg->vdhcp_start, str, sizeof(str)));
++    printf("* DHCP end:        %s\n", inet_ntop(AF_INET, &vdhcp_end, str, sizeof(str)));
++    printf("* Recommended IP:  %s\n", inet_ntop(AF_INET, &cfg->recommended_vguest, str, sizeof(str)));
+     if (api_socket != NULL) {
+         printf("* API Socket:      %s\n", api_socket);
+     }
+ #if SLIRP_CONFIG_VERSION_MAX >= 2
+     if (cfg->enable_outbound_addr) {
+         printf("* Outbound IPv4:    %s\n",
+-               inet_ntoa(cfg->outbound_addr.sin_addr));
++               inet_ntop(AF_INET, &cfg->outbound_addr.sin_addr, str, sizeof(str)));
+     }
+     if (cfg->enable_outbound_addr6) {
+-        char str[INET6_ADDRSTRLEN];
+-        if (inet_ntop(AF_INET6, &cfg->outbound_addr6.sin6_addr, str,
+-                      INET6_ADDRSTRLEN) != NULL) {
++        if (inet_ntop(AF_INET6, &cfg->outbound_addr6.sin6_addr,
++                      str, sizeof(str)) != NULL) {
+             printf("* Outbound IPv6:    %s\n", str);
+         }
+     }
+@@ -383,7 +383,7 @@ static int parent(int sock, int ready_fd, int exit_fd, const char *api_socket,
+         printf(
+             "WARNING: 127.0.0.1:* on the host is accessible as %s (set "
+             "--disable-host-loopback to prohibit connecting to 127.0.0.1:*)\n",
+-            inet_ntoa(cfg->vhost));
++            inet_ntop(AF_INET, &cfg->vhost, str, sizeof(str)));
+     }
+     if (cfg->enable_sandbox && geteuid() != 0) {
+         if ((rc = nsenter(target_pid, NULL, NULL, true)) < 0) {
+-- 
+2.34.1.428.gdcc0cd074f0c
+
diff --git a/SPECS/slirp4netns.spec b/SPECS/slirp4netns.spec
index c3313ab..cb62485 100644
--- a/SPECS/slirp4netns.spec
+++ b/SPECS/slirp4netns.spec
@@ -1,14 +1,15 @@
 %global git0 https://github.com/rootless-containers/%{name}
 
 Name: slirp4netns
-Version: 1.1.8
-Release: 3%{?dist}
+Version: 1.1.12
+Release: 4%{?dist}
 Summary: slirp for network namespaces
 License: GPLv2
 URL: %{git0}
 # build fails on i686 with: No matching package to install: 'go-md2man'
 ExcludeArch: i686
 Source0: %{git0}/archive/v%{version}.tar.gz
+Patch0: 0001-Replace-deprecated-inet_ntoa-with-safer-inet_ntop.patch
 BuildRequires: autoconf
 BuildRequires: automake
 BuildRequires: gcc
@@ -59,6 +60,22 @@ make DESTDIR=%{buildroot} install install-man
 %{_mandir}/man1/%{name}.1.gz
 
 %changelog
+* Thu Feb 17 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.12-4
+- update gating.yaml as we have no local tests in dist-git
+- Related: #2000051
+
+* Tue Feb 15 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.12-3
+- fix gating - don't use insecure functions - thanks to Marc-André Lureau
+- Related: #2000051
+
+* Tue Feb 15 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.12-2
+- add gating.yaml
+- Related: #2000051
+
+* Thu Nov 11 2021 Jindrich Novy <jnovy@redhat.com> - 1.1.12-1
+- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.12
+- Related: #2000051
+
 * Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.1.8-3
 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
   Related: rhbz#1991688