diff --git a/.gitignore b/.gitignore
index de0b909..fe25028 100644
--- a/.gitignore
+++ b/.gitignore
@@ -315,3 +315,5 @@ samba-3.6.0pre1.tar.gz
 /samba-4.17.2.tar.asc
 /samba-4.17.3.tar.xz
 /samba-4.17.3.tar.asc
+/samba-4.17.4.tar.xz
+/samba-4.17.4.tar.asc
diff --git a/samba.spec b/samba.spec
index 5712930..2f61f6f 100644
--- a/samba.spec
+++ b/samba.spec
@@ -134,7 +134,7 @@
 
 %define samba_requires_eq()  %(LC_ALL="C" echo '%*' | xargs -r rpm -q --qf 'Requires: %%{name} = %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not")
 
-%global samba_version 4.17.3
+%global samba_version 4.17.4
 %global baserelease 0
 # This should be rc1 or %%nil
 %global pre_release %nil
@@ -3108,6 +3108,7 @@ fi
 %{python3_sitearch}/samba/tests/krb5/__pycache__/as_canonicalization_tests.*.pyc
 %{python3_sitearch}/samba/tests/krb5/__pycache__/as_req_tests.*.pyc
 %{python3_sitearch}/samba/tests/krb5/__pycache__/compatability_tests.*.pyc
+%{python3_sitearch}/samba/tests/krb5/__pycache__/etype_tests.*.pyc
 %{python3_sitearch}/samba/tests/krb5/__pycache__/fast_tests.*.pyc
 %{python3_sitearch}/samba/tests/krb5/__pycache__/kcrypto.*.pyc
 %{python3_sitearch}/samba/tests/krb5/__pycache__/kdc_base_test.*.pyc
@@ -3138,6 +3139,7 @@ fi
 %{python3_sitearch}/samba/tests/krb5/as_canonicalization_tests.py
 %{python3_sitearch}/samba/tests/krb5/as_req_tests.py
 %{python3_sitearch}/samba/tests/krb5/compatability_tests.py
+%{python3_sitearch}/samba/tests/krb5/etype_tests.py
 %{python3_sitearch}/samba/tests/krb5/fast_tests.py
 %{python3_sitearch}/samba/tests/krb5/kcrypto.py
 %{python3_sitearch}/samba/tests/krb5/kdc_base_test.py
@@ -4313,6 +4315,12 @@ fi
 %endif
 
 %changelog
+* Fri Dec 16 2022 Guenther Deschner <gdeschner@redhat.com> - 4.17.4-0
+- resolves: #2153906 - Update to version 4.17.4
+- resolves: #2154362, #2154363 - Security fixes for CVE-2022-38023
+- resolves: #2154303, #2154304 - Security fixes for CVE-2022-37966
+- resolves: #2154320, #2154322 - Security fixes for CVE-2022-37967
+
 * Tue Nov 15 2022 Guenther Deschner <gdeschner@redhat.com> - 4.17.3-0
 - resolves: #2142959 - Update to version 4.17.3
 - resolves: #2140960, #2143117 - Security fixes for CVE-2022-42898
diff --git a/sources b/sources
index 663dead..523fbd2 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (samba-4.17.3.tar.xz) = e346460ab53a5ed1f534992e21bb53c790fa4ba50752f0cf31d46fb96d138e4723a0171705ef8bf4ce3354960ddacc5a82b75975b06dcbe3224a09951174a5e7
-SHA512 (samba-4.17.3.tar.asc) = 814976c76a43b46fe67bd9a904fe3846104680446dfaf5759989a60ce1a088adb264c0bf67eccf9634fe84b3eb7ac1b8dbd020fcabf5e586c1773a2edad86306
+SHA512 (samba-4.17.4.tar.xz) = ffbde223ae324b6c0c779df75c926b09b77289f0ea4a6b6668d1bd758b621b3ed8ccdc4d101e6b153d1359c185b46d4baef5a7854dbc3864debbfa4696fa6bc8
+SHA512 (samba-4.17.4.tar.asc) = f69613c148453c57e83ba2bae45a316c19f80f9cceeab81a099d896e2dc578536175aa2278f85cf9e4899c8310a4eafeb1bfe365da16dd63195ffd099d6b6a6c