diff --git a/CVE-2024-36039.patch b/CVE-2024-36039.patch
deleted file mode 100644
index ae1ae166d8e87c02c4e63bfd3ca3a877eba9aeb8..0000000000000000000000000000000000000000
--- a/CVE-2024-36039.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 521e40050cb386a499f68f483fefd144c493053c Mon Sep 17 00:00:00 2001
-From: Inada Naoki
-Date: Sat, 18 May 2024 11:33:30 +0900
-Subject: [PATCH] forbid dict parameter
-
----
- pymysql/converters.py | 6 +-----
- 1 file changed, 1 insertion(+), 5 deletions(-)
-
-diff --git a/pymysql/converters.py b/pymysql/converters.py
-index 1adac75..dbf97ca 100644
---- a/pymysql/converters.py
-+++ b/pymysql/converters.py
-@@ -27,11 +27,7 @@ def escape_item(val, charset, mapping=None):
-
-
- def escape_dict(val, charset, mapping=None):
-- n = {}
-- for k, v in val.items():
-- quoted = escape_item(v, charset, mapping)
-- n[k] = quoted
-- return n
-+ raise TypeError("dict can not be used as parameter")
-
-
- def escape_sequence(val, charset, mapping=None):
--
-2.41.0
-
diff --git a/PyMySQL-1.1.0.tar.gz b/PyMySQL-1.1.0.tar.gz
deleted file mode 100644
index 7d040843415258f3a68babc181e5c03eb1a6b47b..0000000000000000000000000000000000000000
Binary files a/PyMySQL-1.1.0.tar.gz and /dev/null differ
diff --git a/PyMySQL-1.1.1.tar.gz b/PyMySQL-1.1.1.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..450658cd89dbfe9025f33c1cf3f41d73fb66f1c8
Binary files /dev/null and b/PyMySQL-1.1.1.tar.gz differ
diff --git a/python-PyMySQL.spec b/python-PyMySQL.spec
index 644791a92efffd36051955e4dd42e3d4ef429849..e34fa182d1cfa17e6b2746c49c935619bd1662fd 100644
--- a/python-PyMySQL.spec
+++ b/python-PyMySQL.spec
@@ -1,15 +1,13 @@ %global _empty_manifest_terminate_build 0 Name: python-PyMySQL -Version: 1.1.0 -Release: 2 +Version: 1.1.1 +Release: 1 Summary: Pure Python MySQL Client License: MIT URL: https://pypi.python.org/pypi/PyMySQL/ -Source0: https://files.pythonhosted.org/packages/41/9d/ee68dee1c8821c839bb31e6e5f40e61035a5278f7c1307dde758f0c90452/PyMySQL-1.1.0.tar.gz +Source0: https://files.pythonhosted.org/packages/41/9d/ee68dee1c8821c839bb31e6e5f40e61035a5278f7c1307dde758f0c90452/PyMySQL-1.1.1.tar.gz BuildArch: noarch -Patch01: CVE-2024-36039.patch - %description This package contains a pure-Python MySQL client library, based on PEP 249. Most public APIs are compatible with mysqlclient and MySQLdb. @@ -54,6 +52,11 @@ if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi %{_docdir}/* %changelog +* Mon Jun 03 2024 liuzhilin - 1.1.1-1 +- Update package to version 1.1.1 +- Prohibit dict parameter for Cursor.execute(). It didn't produce valid SQL and might cause SQL injection. (CVE-2024-36039) +- Added ssl_key_password param. + * Thu May 23 2024 yinyongkang - 1.1.0-2 - Fix CVE-2024-36039
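Review bot: The new `Source0` line in the first spec hunk changes only the file name to `PyMySQL-1.1.1.tar.gz` and keeps the `41/9d/ee68dee1…` directory from the 1.1.0 URL. On files.pythonhosted.org that directory is derived from the digest of the file, so the new URL most likely does not resolve and the committed tarball cannot be re-fetched from the location the spec records. Prefer the name-based form, `Source0: https://files.pythonhosted.org/packages/source/P/PyMySQL/PyMySQL-%{version}.tar.gz`, which follows `Version:` automatically. Because `Patch01: CVE-2024-36039.patch` is dropped in the same hunk and the tarball is a binary blob in this diff, compare its checksum with the digest PyPI publishes for 1.1.1. Also confirm that `escape_dict` in the unpacked `pymysql/converters.py` raises `TypeError`, so the build still carries the CVE-2024-36039 fix.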