diff --git a/java-11-openjdk.spec b/java-11-openjdk.spec
index 8978a1f..8df2b16 100644
--- a/java-11-openjdk.spec
+++ b/java-11-openjdk.spec
@@ -259,7 +259,7 @@
 %global top_level_dir_name   %{origin}
 %global minorver        0
 %global buildver        11
-%global rpmrelease      4
+%global rpmrelease      5
 #%%global tagsuffix      ""
 # priority must be 8 digits in total; untill openjdk 1.8 we were using 18..... so when moving to 11 we had to add another digit
 %if %is_system_jdk
@@ -1102,6 +1102,8 @@ Source15: TestSecurityProperties.java
 # NSS via SunPKCS11 Provider (disabled comment
 # due to memory leak).
 Patch1000: rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch
+# enable build of spectre/meltdown hardened alt-java
+Patch600: rh1750419-redhat_alt_java.patch
 
 # Ignore AWTError when assistive technologies are loaded
 Patch1:    rh1648242-accessible_toolkit_crash_do_not_break_jvm.patch
@@ -1125,8 +1127,6 @@ Patch2:    rh1648644-java_access_bridge_privileged_security.patch
 Patch3:    rh649512-remove_uses_of_far_in_jpeg_libjpeg_turbo_1_4_compat_for_jdk10_and_up.patch
 # PR3694, RH1340845: Add security.useSystemPropertiesFile option to java.security to use system crypto policy
 Patch4: pr3694-rh1340845-support_fedora_rhel_system_crypto_policy.patch
-# RH1566890: CVE-2018-3639
-Patch6:    rh1566890-CVE_2018_3639-speculative_store_bypass.patch
 # PR3695: Allow use of system crypto policy to be disabled by the user
 Patch7: pr3695-toggle_system_crypto_policy.patch
 
@@ -1393,7 +1393,6 @@ pushd %{top_level_dir_name}
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
-%patch6 -p1
 %patch7 -p1
 %patch8 -p1
 %patch9 -p1
@@ -1401,6 +1400,7 @@ pushd %{top_level_dir_name}
 popd # openjdk
 
 %patch1000
+%patch600
 
 # Extract systemtap tapsets
 %if %{with_systemtap}
@@ -1566,7 +1566,6 @@ ln -s %{_datadir}/javazi-1.8/tzdb.dat $JAVA_HOME/lib/tzdb.dat
 
 # Create fake alt-java as a placeholder for future alt-java
 pushd ${JAVA_HOME}
-cp -a bin/java bin/%{alt_java_name}
 # add alt-java man page
 echo "Hardened java binary recommended for launching untrusted code from the Web e.g. javaws" > man/man1/%{alt_java_name}.1
 cat man/man1/java.1 >> man/man1/%{alt_java_name}.1
@@ -1975,6 +1974,11 @@ require "copy_jdk_configs.lua"
 
 
 %changelog
+* Tue Dec 01 2020 Jiri Vanek <jvanek@redhat.com> - 1:11.0.9.11-5
+- removed patch6, rh1566890-CVE_2018_3639-speculative_store_bypass.patch, surpassed by new patch
+- added patch600, rh1750419-redhat_alt_java.patch, suprassing removed patch
+- no longer copying of java->alt-java as it is created by  patch600
+
 * Mon Nov 23 2020 Jiri Vanek <jvanek@redhat.com> - 1:11.0.9.11-4
 - Create a copy of java as alt-java with alternatives and man pages
 - java-11-openjdk doesn't have a JRE tree, so don't try and copy alt-java there...
diff --git a/rh1566890-CVE_2018_3639-speculative_store_bypass.patch b/rh1566890-CVE_2018_3639-speculative_store_bypass.patch
deleted file mode 100644
index bd52828..0000000
--- a/rh1566890-CVE_2018_3639-speculative_store_bypass.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-diff --git openjdk/src/hotspot/os/linux/os_linux.cpp openjdk/src/hotspot/os/linux/os_linux.cpp
---- openjdk/src/hotspot/os/linux/os_linux.cpp
-+++ openjdk/src/hotspot/os/linux/os_linux.cpp
-@@ -107,6 +107,8 @@
- # include <inttypes.h>
- # include <sys/ioctl.h>
- 
-+#include <sys/prctl.h>
-+
- #ifndef _GNU_SOURCE
-   #define _GNU_SOURCE
-   #include <sched.h>
-@@ -4984,6 +4986,48 @@
- extern void report_error(char* file_name, int line_no, char* title,
-                          char* format, ...);
- 
-+/* Per task speculation control */
-+#ifndef PR_GET_SPECULATION_CTRL
-+# define PR_GET_SPECULATION_CTRL    52
-+#endif
-+#ifndef PR_SET_SPECULATION_CTRL
-+# define PR_SET_SPECULATION_CTRL    53
-+#endif
-+/* Speculation control variants */
-+#ifndef PR_SPEC_STORE_BYPASS
-+# define PR_SPEC_STORE_BYPASS          0
-+#endif
-+/* Return and control values for PR_SET/GET_SPECULATION_CTRL */
-+
-+#ifndef PR_SPEC_NOT_AFFECTED
-+# define PR_SPEC_NOT_AFFECTED          0
-+#endif
-+#ifndef PR_SPEC_PRCTL
-+# define PR_SPEC_PRCTL                 (1UL << 0)
-+#endif
-+#ifndef PR_SPEC_ENABLE
-+# define PR_SPEC_ENABLE                (1UL << 1)
-+#endif
-+#ifndef PR_SPEC_DISABLE
-+# define PR_SPEC_DISABLE               (1UL << 2)
-+#endif
-+#ifndef PR_SPEC_FORCE_DISABLE
-+# define PR_SPEC_FORCE_DISABLE         (1UL << 3)
-+#endif
-+#ifndef PR_SPEC_DISABLE_NOEXEC
-+# define PR_SPEC_DISABLE_NOEXEC        (1UL << 4)
-+#endif
-+
-+static void set_speculation() __attribute__((constructor));
-+static void set_speculation() {
-+  if ( prctl(PR_SET_SPECULATION_CTRL,
-+             PR_SPEC_STORE_BYPASS,
-+             PR_SPEC_DISABLE_NOEXEC, 0, 0) == 0 ) {
-+    return;
-+  }
-+  prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0);
-+}
-+
- // this is called _before_ most of the global arguments have been parsed
- void os::init(void) {
-   char dummy;   // used to get a guess on initial stack address
diff --git a/rh1750419-redhat_alt_java.patch b/rh1750419-redhat_alt_java.patch
new file mode 100644
index 0000000..eaac9f1
--- /dev/null
+++ b/rh1750419-redhat_alt_java.patch
@@ -0,0 +1,111 @@
+diff -r 1356affa5e44 make/launcher/Launcher-java.base.gmk
+--- openjdk/make/launcher/Launcher-java.base.gmk      Wed Nov 25 08:27:15 2020 +0100
++++ openjdk/make/launcher/Launcher-java.base.gmk      Tue Dec 01 12:29:30 2020 +0100
+@@ -41,6 +41,15 @@
+     OPTIMIZATION := HIGH, \
+ ))
+ 
++$(eval $(call SetupBuildLauncher, alt-java, \
++    CFLAGS := -DEXPAND_CLASSPATH_WILDCARDS -DENABLE_ARG_FILES -DREDHAT_ALT_JAVA, \
++    LDFLAGS_solaris := -R$(OPENWIN_HOME)/lib$(OPENJDK_TARGET_CPU_ISADIR), \
++    LIBS_windows := user32.lib comctl32.lib, \
++    EXTRA_RC_FLAGS := $(JAVA_RC_FLAGS), \
++    VERSION_INFO_RESOURCE := $(JAVA_VERSION_INFO_RESOURCE), \
++    OPTIMIZATION := HIGH, \
++))
++
+ ifeq ($(OPENJDK_TARGET_OS), windows)
+   $(eval $(call SetupBuildLauncher, javaw, \
+       CFLAGS := -DJAVAW -DEXPAND_CLASSPATH_WILDCARDS -DENABLE_ARG_FILES, \
+
+diff -r 25e94aa812b2 src/share/bin/alt_main.h
+--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
++++ openjdk/src/java.base/share/native/launcher/alt_main.h	Tue Jun 02 17:15:28 2020 +0100
+@@ -0,0 +1,73 @@
++/*
++ * Copyright (c) 2019, Red Hat, Inc. All rights reserved.
++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
++ *
++ * This code is free software; you can redistribute it and/or modify it
++ * under the terms of the GNU General Public License version 2 only, as
++ * published by the Free Software Foundation.  Oracle designates this
++ * particular file as subject to the "Classpath" exception as provided
++ * by Oracle in the LICENSE file that accompanied this code.
++ *
++ * This code is distributed in the hope that it will be useful, but WITHOUT
++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
++ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
++ * version 2 for more details (a copy is included in the LICENSE file that
++ * accompanied this code).
++ *
++ * You should have received a copy of the GNU General Public License version
++ * 2 along with this work; if not, write to the Free Software Foundation,
++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
++ *
++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
++ * or visit www.oracle.com if you need additional information or have any
++ * questions.
++ */
++
++#ifdef REDHAT_ALT_JAVA
++
++#include <sys/prctl.h>
++
++
++/* Per task speculation control */
++#ifndef PR_GET_SPECULATION_CTRL
++# define PR_GET_SPECULATION_CTRL    52
++#endif
++#ifndef PR_SET_SPECULATION_CTRL
++# define PR_SET_SPECULATION_CTRL    53
++#endif
++/* Speculation control variants */
++#ifndef PR_SPEC_STORE_BYPASS
++# define PR_SPEC_STORE_BYPASS          0
++#endif
++/* Return and control values for PR_SET/GET_SPECULATION_CTRL */
++
++#ifndef PR_SPEC_NOT_AFFECTED
++# define PR_SPEC_NOT_AFFECTED          0
++#endif
++#ifndef PR_SPEC_PRCTL
++# define PR_SPEC_PRCTL                 (1UL << 0)
++#endif
++#ifndef PR_SPEC_ENABLE
++# define PR_SPEC_ENABLE                (1UL << 1)
++#endif
++#ifndef PR_SPEC_DISABLE
++# define PR_SPEC_DISABLE               (1UL << 2)
++#endif
++#ifndef PR_SPEC_FORCE_DISABLE
++# define PR_SPEC_FORCE_DISABLE         (1UL << 3)
++#endif
++#ifndef PR_SPEC_DISABLE_NOEXEC
++# define PR_SPEC_DISABLE_NOEXEC        (1UL << 4)
++#endif
++
++static void set_speculation() __attribute__((constructor));
++static void set_speculation() {
++  if ( prctl(PR_SET_SPECULATION_CTRL,
++             PR_SPEC_STORE_BYPASS,
++             PR_SPEC_DISABLE_NOEXEC, 0, 0) == 0 ) {
++    return;
++  }
++  prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0);
++}
++
++#endif // REDHAT_ALT_JAVA
+diff -r 25e94aa812b2 src/share/bin/main.c
+--- openjdk/src/java.base/share/native/launcher/main.c	Wed Feb 05 12:20:36 2020 -0300
++++ openjdk/src/java.base/share/native/launcher/main.c	Tue Jun 02 17:15:28 2020 +0100
+@@ -34,6 +34,10 @@
+ #include "jli_util.h"
+ #include "jni.h"
+ 
++#if defined(linux) && defined(__x86_64)
++#include "alt_main.h"
++#endif
++
+ #ifdef _MSC_VER
+ #if _MSC_VER > 1400 && _MSC_VER < 1600
+