diff --git a/SPECS-EXTENDED/cjose/cjose.signatures.json b/SPECS-EXTENDED/cjose/cjose.signatures.json
index b31361cdfd4..5395c79932d 100644
--- a/SPECS-EXTENDED/cjose/cjose.signatures.json
+++ b/SPECS-EXTENDED/cjose/cjose.signatures.json
@@ -1,5 +1,5 @@
 {
  "Signatures": {
-  "cjose-0.6.1.tar.gz": "208eaa0fa616b44a71d8aa155c40b14c7c9d0fa2bb91d1408824520d2fc1b4dd"
+  "cjose-0.6.2.2.tar.gz": "2de8652b23ee3e15398176e8b2aaa513aa89635368f2748fbc304f8aefe910a4"
  }
 }
diff --git a/SPECS-EXTENDED/cjose/cjose.spec b/SPECS-EXTENDED/cjose/cjose.spec
index 6b31faa9bda..9a9135d6872 100644
--- a/SPECS-EXTENDED/cjose/cjose.spec
+++ b/SPECS-EXTENDED/cjose/cjose.spec
@@ -1,21 +1,20 @@
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 Name:           cjose
-Version:        0.6.1
-Release:        6%{?dist}
+Version:        0.6.2.2
+Release:        7%{?dist}
 Summary:        C library implementing the Javascript Object Signing and Encryption (JOSE)
 
 License:        MIT
-URL:            https://github.com/cisco/cjose
-Source0:  	https://github.com/cisco/%{name}/archive/%{version}/%{name}-%{version}.tar.gz
-
-Patch1: concatkdf.patch
+URL:            https://github.com/OpenIDC/cjose
+Source0:        https://github.com/OpenIDC/cjose/releases/download/v%{version}/cjose-%{version}.tar.gz
 
 BuildRequires:  gcc
 BuildRequires:  doxygen
 BuildRequires:  openssl-devel
 BuildRequires:  jansson-devel
 BuildRequires:  check-devel
+BuildRequires: make
 
 %description
 Implementation of JOSE for C/C++
@@ -64,8 +63,55 @@ make check || (cat test/test-suite.log; exit 1)
 
 
 %changelog
-* Fri Oct 15 2021 Pawel Winogrodzki <pawelwi@microsoft.com> - 0.6.1-6
-- Initial CBL-Mariner import from Fedora 32 (license: MIT).
+* Tue Dec 17 2024 Akarsh Chaudhary <v-akarshc@microsoft.com> - 0.6.2.2-7
+- AzureLinux import from Fedora 41 (license: MIT).
+- License verified
+
+* Tue Oct 22 2024 Richard W.M. Jones <rjones@redhat.com> - 0.6.2.2-6
+- Rebuild for Jansson 2.14
+  (https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/3PYINSQGKQ4BB25NQUI2A2UCGGLAG5ND/)
+
+* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.2.2-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
+
+* Tue Jan 23 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.2.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.2.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Fri Sep 1 2023 Tomas Halman <thalman@redhat.com> - 0.6.2.2-2
+- migrated to SPDX license
+
+* Wed Jul 26 2023 Tomas Halman <thalman@redhat.com> - 0.6.2.2-1
+- Rebase to version 0.6.2.2. Solves CVE-2023-37464.
+
+* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-14
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Fri Oct 28 2022 Stephen Gallagher <sgallagh@redhat.com> - 0.6.1-12
+- Enable build on OpenSSL 3.0
+
+* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 0.6.1-9
+- Rebuilt with OpenSSL 3.0.0
+
+* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 
 * Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
diff --git a/SPECS-EXTENDED/cjose/concatkdf.patch b/SPECS-EXTENDED/cjose/concatkdf.patch
deleted file mode 100644
index abeccaf2cfa..00000000000
--- a/SPECS-EXTENDED/cjose/concatkdf.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-commit 0238eb8f3612515f4374381b593dd79116169330
-Author: John Dennis <jdennis@redhat.com>
-Date:   Thu Aug 2 16:21:33 2018 -0400
-
-    fix concatkdf failures on big endian architectures
-    
-    Several of the elements used to compute the digest in ECDH-ES key
-    agreement computation are represented in binary form as a 32-bit
-    integer length followed by that number of octets.  the length
-    field. The 32-bit length integer is represented in big endian
-    format (the 8 most significant bits are in the first octet.).
-    
-    The conversion to a 4 byte big endian integer was being computed
-    in a manner that only worked on little endian architectures. The
-    function htonl() returns a 32-bit integer whose octet sequence given
-    the address of the integer is big endian. There is no need for any
-    further manipulation.
-    
-    The existing code used bit shifting on a 32-bit value. In C bit
-    shifting is endian agnostic for multi-octet values, a right shift
-    moves most significant bits toward least significant bits. The result
-    of a bit shift of a multi-octet value on either big or little
-    archictures will always be the same provided you "view" it as the same
-    data type (e.g. 32-bit integer). But indexing the octets of that
-    mulit-octet value will be different depending on endianness, hence the
-    assembled octets differed depending on endianness.
-    
-    Issue: #77
-    Signed-off-by: John Dennis <jdennis@redhat.com>
-
-diff --git a/src/concatkdf.c b/src/concatkdf.c
-index ec064ab..59b845a 100644
---- a/src/concatkdf.c
-+++ b/src/concatkdf.c
-@@ -29,15 +29,9 @@
- ////////////////////////////////////////////////////////////////////////////////
- static uint8_t *_apply_uint32(const uint32_t value, uint8_t *buffer)
- {
--    const uint32_t formatted = htonl(value);
--    const uint8_t data[4] = {
--        (formatted >> 0) & 0xff,
--        (formatted >> 8) & 0xff,
--        (formatted >> 16) & 0xff,
--        (formatted >> 24) & 0xff
--    };
--    memcpy(buffer, data, 4);
-+    const uint32_t big_endian_int32 = htonl(value);
- 
-+    memcpy(buffer, &big_endian_int32, 4);
-     return buffer + 4;
- }
- 
-diff --git a/test/check_concatkdf.c b/test/check_concatkdf.c
-index e4325fc..41d0f1c 100644
---- a/test/check_concatkdf.c
-+++ b/test/check_concatkdf.c
-@@ -60,14 +60,9 @@ _create_otherinfo_header_finish:
- 
- static bool _cmp_uint32(uint8_t **actual, uint32_t expected)
- {
--    uint32_t value = htonl(expected);
--    uint8_t expectedData[] = {
--        (value >> 0) & 0xff,
--        (value >> 8) & 0xff,
--        (value >> 16) & 0xff,
--        (value >> 24) & 0xff
--    };
--    bool result = (0 == memcmp(*actual, expectedData, 4));
-+    uint32_t big_endian_int32 = htonl(expected);
-+
-+    bool result = (0 == memcmp(*actual, &big_endian_int32, 4));
-     (*actual) += 4;
-     return result;
- }
diff --git a/cgmanifest.json b/cgmanifest.json
index c275a93d590..f7e00b5a93a 100644
--- a/cgmanifest.json
+++ b/cgmanifest.json
@@ -1727,8 +1727,8 @@
         "type": "other",
         "other": {
           "name": "cjose",
-          "version": "0.6.1",
-          "downloadUrl": "https://github.com/cisco/cjose/archive/0.6.1/cjose-0.6.1.tar.gz"
+          "version": "0.6.2.2",
+          "downloadUrl": "https://github.com/OpenIDC/cjose/releases/download/v0.6.2.2/cjose-0.6.2.2.tar.gz"
         }
       }
     },