diff --git a/.gitignore b/.gitignore
index 863b931..7739b68 100644
--- a/.gitignore
+++ b/.gitignore
@@ -68,3 +68,4 @@
 /node-v6.10.2-stripped.tar.gz
 /node-v6.10.3-stripped.tar.gz
 /node-v6.11.0-stripped.tar.gz
+/node-v6.11.1-stripped.tar.gz
diff --git a/nodejs.spec b/nodejs.spec
index 5c5adac..e8b4c8a 100644
--- a/nodejs.spec
+++ b/nodejs.spec
@@ -18,7 +18,7 @@
 %global nodejs_epoch 1
 %global nodejs_major 6
 %global nodejs_minor 11
-%global nodejs_patch 0
+%global nodejs_patch 1
 %global nodejs_abi %{nodejs_major}.%{nodejs_minor}
 %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}
 %global nodejs_release 1
@@ -28,7 +28,7 @@
 %global v8_major 5
 %global v8_minor 1
 %global v8_build 281
-%global v8_patch 102
+%global v8_patch 103
 # V8 presently breaks ABI at least every x.y release while never bumping SONAME
 %global v8_abi %{v8_major}.%{v8_minor}
 %global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch}
@@ -443,6 +443,9 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node -
 %{_pkgdocdir}/npm/doc
 
 %changelog
+* Fri Jul 14 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:6.11.1-1
+- Security update (https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/)
+
 * Fri Jun 09 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:6.11.0-1
 - Update to 6.11.0
 - remove system CA patch since it was merged upstream
diff --git a/sources b/sources
index 77400eb..2573d80 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (node-v6.11.0-stripped.tar.gz) = a23e0d8461dcf87048555d2e4e62c0bacecf6d2a6a8d6d27ed08f6f0911ec31f9a7abc48ab45478eaf3ba6af593714e628a194340168581f2f9c3c8dbf0c7a1d
+SHA512 (node-v6.11.1-stripped.tar.gz) = 5b539c43103422c059034f99cdef25dd6556cf0b08d85cea6e8bc74862c944d368455e6139680c8b00e602cbf807533bdabf2dfa43d714c9864ab8c79679b74e