diff --git a/0001-curl-7.41.0-abe54705.patch b/0001-curl-7.41.0-abe54705.patch
deleted file mode 100644
index 28f4416..0000000
--- a/0001-curl-7.41.0-abe54705.patch
+++ /dev/null
@@ -1,150 +0,0 @@ -From b4d5a85714dc37d3aa0aa6ed7b37d95205b0f13a Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Tue, 24 Feb 2015 15:10:15 +0100 -Subject: [PATCH] nss: improve error handling in Curl_nss_random() - -The vtls layer now checks the return value, so it is no longer necessary -to abort if a random number cannot be provided by NSS. This also fixes -the following Coverity report: - -Error: FORWARD_NULL (CWE-476): -lib/vtls/nss.c:1918: var_compare_op: Comparing "data" to null implies that "data" might be null. -lib/vtls/nss.c:1923: var_deref_model: Passing null pointer "data" to "Curl_failf", which dereferences it. -lib/sendf.c:154:3: deref_parm: Directly dereferencing parameter "data". - -Upstream-commit: 7a1538d9cc0736e0a9ab13cf115db40a0bfbb152 -Signed-off-by: Kamil Dudka ---- - lib/vtls/nss.c | 8 +++----- - 1 file changed, 3 insertions(+), 5 deletions(-) - -diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c -index 16b9124..1dd56ba 100644 ---- a/lib/vtls/nss.c -+++ b/lib/vtls/nss.c -@@ -1918,11 +1918,9 @@ int Curl_nss_random(struct SessionHandle *data, - if(data) - Curl_nss_seed(data); /* Initiate the seed if not already done */ - -- if(SECSuccess != PK11_GenerateRandom(entropy, curlx_uztosi(length))) { -- /* no way to signal a failure from here, we have to abort */ -- failf(data, "PK11_GenerateRandom() failed, calling abort()..."); -- abort(); -- } -+ if(SECSuccess != PK11_GenerateRandom(entropy, curlx_uztosi(length))) -+ /* signal a failure */ -+ return -1; - - return 0; - } --- -2.1.0 - -From 6d5b40e46ec36a19bc4ee76ec674058088bec8ba Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Tue, 24 Feb 2015 15:18:45 +0100 -Subject: [PATCH] nss: do not skip Curl_nss_seed() if data is NULL - -In that case, we only skip writing the error message for failed NSS -initialization (while still returning the correct error code). 
- -Upstream-commit: 4909f7c795a4490dbb29e89b8b1564af86ee5999 -Signed-off-by: Kamil Dudka ---- - lib/vtls/nss.c | 12 ++++++++---- - 1 file changed, 8 insertions(+), 4 deletions(-) - -diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c -index 1dd56ba..e201dec 100644 ---- a/lib/vtls/nss.c -+++ b/lib/vtls/nss.c -@@ -1034,6 +1034,7 @@ static PRStatus nspr_io_close(PRFileDesc *fd) - return close_fn(fd); - } - -+/* data might be NULL */ - static CURLcode nss_init_core(struct SessionHandle *data, const char *cert_dir) - { - NSSInitParameters initparams; -@@ -1071,6 +1072,7 @@ static CURLcode nss_init_core(struct SessionHandle *data, const char *cert_dir) - return CURLE_SSL_CACERT_BADFILE; - } - -+/* data might be NULL */ - static CURLcode nss_init(struct SessionHandle *data) - { - char *cert_dir; -@@ -1149,12 +1151,14 @@ int Curl_nss_init(void) - return 1; - } - -+/* data might be NULL */ - CURLcode Curl_nss_force_init(struct SessionHandle *data) - { - CURLcode result; - if(!nss_initlock) { -- failf(data, "unable to initialize NSS, curl_global_init() should have " -- "been called with CURL_GLOBAL_SSL or CURL_GLOBAL_ALL"); -+ if(data) -+ failf(data, "unable to initialize NSS, curl_global_init() should have " -+ "been called with CURL_GLOBAL_SSL or CURL_GLOBAL_ALL"); - return CURLE_FAILED_INIT; - } - -@@ -1904,6 +1908,7 @@ size_t Curl_nss_version(char *buffer, size_t size) - return snprintf(buffer, size, "NSS/%s", NSS_VERSION); - } - -+/* data might be NULL */ - int Curl_nss_seed(struct SessionHandle *data) - { - /* make sure that NSS is initialized */ -@@ -1915,8 +1920,7 @@ int Curl_nss_random(struct SessionHandle *data, - unsigned char *entropy, - size_t length) - { -- if(data) -- Curl_nss_seed(data); /* Initiate the seed if not already done */ -+ Curl_nss_seed(data); /* Initiate the seed if not already done */ - - if(SECSuccess != PK11_GenerateRandom(entropy, curlx_uztosi(length))) - /* signal a failure */ --- -2.1.0 - -From abe5470533db524abfbb7f7e078c15c159aa66d9 Mon Sep 17 
00:00:00 2001 -From: Kamil Dudka -Date: Tue, 24 Feb 2015 18:58:55 +0100 -Subject: [PATCH] curl-config.in: eliminate double quotes around CURL_CA_BUNDLE - -Otherwise it expands to: - - echo ""/etc/pki/tls/certs/ca-bundle.crt"" - -Detected by ShellCheck: - - curl-config:74:16: warning: The double quotes around this do - nothing. Remove or escape them. [SC2140] - -Upstream-commit: e47b8306db14ed1ccd66f774bded2d59602d2c88 -Signed-off-by: Kamil Dudka ---- - curl-config.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/curl-config.in b/curl-config.in -index 1ddf4c2..9398722 100644 ---- a/curl-config.in -+++ b/curl-config.in -@@ -71,7 +71,7 @@ while test $# -gt 0; do - ;; - - --ca) -- echo "@CURL_CA_BUNDLE@" -+ echo @CURL_CA_BUNDLE@ - ;; - - --cc) --- -2.1.0 -
diff --git a/curl-7.41.0.tar.lzma.asc b/curl-7.41.0.tar.lzma.asc
deleted file mode 100644
index e17c52a..0000000
--- a/curl-7.41.0.tar.lzma.asc
+++ /dev/null
@@ -1,7 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iEYEABECAAYFAlTte8QACgkQeOEcayedXJFByQCdEIZG6sOcXOhbe9JGSTZowdMR
-72cAoLu08rLq83AkywThzrxFG6qb7K0z
-=U309
------END PGP SIGNATURE-----
diff --git a/curl-7.42.0.tar.lzma.asc b/curl-7.42.0.tar.lzma.asc
new file mode 100644
index 0000000..9c82b2e
--- /dev/null
+++ b/curl-7.42.0.tar.lzma.asc
@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iEYEABECAAYFAlU3ONsACgkQeOEcayedXJE4lQCeMzC0F+JUqFKRGut7+qXAbVlN
+wJkAoLFPfw7cZS/mWrJipz23Gql4WYa9
+=r9g2
+-----END PGP SIGNATURE-----
diff --git a/curl.spec b/curl.spec
index 23a3eb6..9293d88 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,15 +1,11 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
-Version: 7.41.0
+Version: 7.42.0
 Release: 1%{?dist}
 License: MIT
 Group: Applications/Internet
 Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
 Source2: curlbuild.h
-Source3: https://raw.githubusercontent.com/bagder/curl/curl-7_41_0/tests/extern-scan.pl
-
-# fix defects found by Coverity and ShellCheck
-Patch1: 0001-curl-7.41.0-abe54705.patch
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch
@@ -117,10 +113,8 @@ documentation of the library, too.
 %prep
 %setup -q
-install -m0755 %{SOURCE3} tests/
 # upstream patches
-%patch1 -p1
 # Fedora patches
 %patch101 -p1
@@ -242,6 +236,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/aclocal/libcurl.m4
 %changelog
+* Wed Apr 22 2015 Kamil Dudka 7.42.0-1
+- new upstream release (fixes CVE-2015-3143, CVE-2015-3144, CVE-2015-3145,
+ and CVE-2015-3148)
+
 * Wed Feb 25 2015 Kamil Dudka 7.41.0-1
 - new upstream release
 - include extern-scan.pl to make test1135 succeed (upstream commit 1514b718)
diff --git a/extern-scan.pl b/extern-scan.pl
deleted file mode 100644
index 49d0c86..0000000
--- a/extern-scan.pl
+++ /dev/null
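Review bot: In the %prep hunk the tarball is still unpacked with `%setup -q` alone, so the detached signature curl-7.42.0.tar.lzma.asc that this commit adds is never checked during the build, and the only integrity gate on `Source` is the checksum line in `sources` (32 hex digits, so presumably MD5). Declaring the signature as a source, `Source1: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma.asc`, and running `gpgv` against a keyring committed alongside the spec before `%setup -q` would make a tampered or mis-uploaded tarball fail the build instead of relying on the lookaside checksum. Dropping `Patch1` and `Source3` in the first hunk is consistent with the patch file and extern-scan.pl being removed in the same commit; I am assuming the 7.42.0 tarball carries both the upstream fixes and tests/extern-scan.pl, which the diff itself does not show.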
@@ -1,60 +0,0 @@
-#!/usr/bin/env perl
-#***************************************************************************
-# _ _ ____ _
-# Project ___| | | | _ \| |
-# / __| | | | |_) | |
-# | (__| |_| | _ <| |___
-# \___|\___/|_| \_\_____|
-#
-# Copyright (C) 2010-2015, Daniel Stenberg, , et al.
-#
-# This software is licensed as described in the file COPYING, which
-# you should have received as part of this distribution. The terms
-# are also available at http://curl.haxx.se/docs/copyright.html.
-#
-# You may opt to use, copy, modify, merge, publish, distribute and/or sell
-# copies of the Software, and permit persons to whom the Software is
-# furnished to do so, under the terms of the COPYING file.
-#
-# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-# KIND, either express or implied.
-#
-###########################################################################
-#
-#
-
-use strict;
-use warnings;
-
-# we may get the dir root pointed out
-my $root=$ARGV[0] || ".";
-
-my @incs = (
- "$root/include/curl/curl.h",
- "$root/include/curl/easy.h",
- "$root/include/curl/mprintf.h",
- "$root/include/curl/multi.h",
- );
-
-my $verbose=0;
-my $summary=0;
-my $misses=0;
-
-my @syms;
-my %doc;
-my %rem;
-
-sub scanheader {
- my ($f)=@_;
- open H, "<$f" || die;
- while() {
- if (/^(CURL_EXTERN.*)/) {
- print "$1\n";
- }
- }
- close H;
-}
-
-foreach my $i (@incs) {
- scanheader($i);
-}
diff --git a/sources b/sources
index 23e9ce2..eb75ff3 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-3d75ba516673ddc441dac8d519d2634d curl-7.41.0.tar.lzma
+fddfab60987ee6119652b57c082d2623 curl-7.42.0.tar.lzma