diff --git a/CVE-2022-40899.patch b/CVE-2022-40899.patch
deleted file mode 100644
index c7341e0..0000000
--- a/CVE-2022-40899.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From c91d70b34ef0402aef3e9d04364ba98509dca76f Mon Sep 17 00:00:00 2001
-From: Will Shanks
-Date: Fri, 23 Dec 2022 13:38:26 -0500
-Subject: [PATCH] Backport fix for bpo-38804
-
-The regex http.cookiejar.LOOSE_HTTP_DATE_RE was vulnerable to regular
-expression denial of service (REDoS). The regex contained multiple
-overlapping \s* capture groups. A long sequence of spaces can trigger
-bad performance.
-
-See https://github.com/python/cpython/pull/17157 and https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/
----
- src/future/backports/http/cookiejar.py | 18 ++++++++++++------
- 1 file changed, 12 insertions(+), 6 deletions(-)
-
-diff --git a/src/future/backports/http/cookiejar.py b/src/future/backports/http/cookiejar.py
-index af3ef415..0ad80a02 100644
---- a/src/future/backports/http/cookiejar.py
-+++ b/src/future/backports/http/cookiejar.py
-@@ -225,10 +225,14 @@ def _str2time(day, mon, yr, hr, min, sec, tz):
- (?::(\d\d))? # optional seconds
- )? # optional clock
- \s*
-- ([-+]?\d{2,4}|(?![APap][Mm]\b)[A-Za-z]+)? # timezone
-+ (?:
-+ ([-+]?\d{2,4}|(?![APap][Mm]\b)[A-Za-z]+) # timezone
-+ \s*
-+ )?
-+ (?:
-+ \(\w+\) # ASCII representation of timezone in parens.
- \s*
-- (?:\(\w+\))? # ASCII representation of timezone in parens.
-- \s*$""", re.X | re.ASCII)
-+ )?$""", re.X | re.ASCII)
- def http2time(text):
- """Returns time in seconds since epoch of time represented by a string.
-
-@@ -298,9 +302,11 @@ def http2time(text):
- (?::?(\d\d(?:\.\d*)?))? # optional seconds (and fractional)
- )? # optional clock
- \s*
-- ([-+]?\d\d?:?(:?\d\d)?
-- |Z|z)? # timezone (Z is "zero meridian", i.e. GMT)
-- \s*$""", re.X | re. ASCII)
-+ (?:
-+ ([-+]?\d\d?:?(:?\d\d)?
-+ |Z|z) # timezone (Z is "zero meridian", i.e. GMT)
-+ \s*
-+ )?$""", re.X | re. ASCII)
- def iso2time(text):
- """
- As for http2time, but parses the ISO 8601 formats:
diff --git a/future-0.18.2.tar.gz b/future-0.18.2.tar.gz
deleted file mode 100644
index 3c5328a..0000000
Binary files a/future-0.18.2.tar.gz and /dev/null differ
diff --git a/future-0.18.3.tar.gz b/future-0.18.3.tar.gz
new file mode 100644
index 0000000..9ca264a
Binary files /dev/null and b/future-0.18.3.tar.gz differ
diff --git a/future.spec b/future.spec
index 485e8e8..c1b056b 100644
--- a/future.spec
+++ b/future.spec
@@ -9,13 +9,12 @@ you can convert you Python code to support both version.
 %{!?python3_shortver: %global python3_shortver %(%{__python3} -c 'import sys; print(str(sys.version_info.major) + "." + str(sys.version_info.minor))')}
 
 Name: future
-Version: 0.18.2
-Release: 2
+Version: 0.18.3
+Release: 1
 Summary: Missing compatibility layer on Python 3
 License: MIT
 URL: http://python-future.org/
-Source0: https://files.pythonhosted.org/packages/45/0b/38b06fd9b92dc2b68d58b75f900e97884c45bedd2ff83203d933cf5851c9/future-0.18.2.tar.gz
-Patch0: CVE-2022-40899.patch
+Source0: %{pypi_source future}
 BuildArch: noarch
 
 %description
@@ -69,6 +68,9 @@ PYTHONPATH=$PWD/build/lib py.test-3 -v
 %{python3_sitelib}/*
 
 %changelog
+* Fri Jul 07 2023 Ge Wang - 0.18.3-1
+- Update to version 0.18.3
+
 * Fri Mar 10 2023 yaoxin - 0.18.2-2
 - Fix CVE-2022-40899
 
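Review bot: Dropping `Patch0: CVE-2022-40899.patch` in the first future.spec hunk removes the only record that this package addresses CVE-2022-40899, while the new changelog entry in the second hunk says only `- Update to version 0.18.3`. Presumably 0.18.3 ships the upstream fix for bpo-38804 that the deleted backport carried, but nothing on this page shows that, so the changelog should state why the patch is safe to drop, e.g. `- Drop CVE-2022-40899.patch, fix included upstream in 0.18.3`, so the next security audit of this spec does not read the removal as a regression. The `%prep` section is outside both hunks; if it applies the patch explicitly with `%patch0` rather than via `%autosetup`, that line must be removed as well or the build will fail.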