diff --git a/HTTP-Tiny-0.080.tar.gz b/HTTP-Tiny-0.080.tar.gz
deleted file mode 100644
index cb14ab6..0000000
Binary files a/HTTP-Tiny-0.080.tar.gz and /dev/null differ
diff --git a/HTTP-Tiny-0.088.tar.gz b/HTTP-Tiny-0.088.tar.gz
new file mode 100644
index 0000000..9ecd0f8
Binary files /dev/null and b/HTTP-Tiny-0.088.tar.gz differ
diff --git a/backport-CVE-2023-31486.patch b/backport-CVE-2023-31486.patch
deleted file mode 100644
index 59a84ec..0000000
--- a/backport-CVE-2023-31486.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From 1490431e40e22052f75a0b3449f1f53cbd27ba92 Mon Sep 17 00:00:00 2001
-From: Dominic Hargreaves <dom@earth.li>
-Date: Thu, 21 May 2020 22:53:37 +0100
-Subject: [PATCH] Enable SSL by default in HTTP::Tiny
-
-HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN,
-has an insecure default TLS configuration where users must opt in to verify certificates.
-
-Reference: https://salsa.debian.org/perl-team/interpreter/perl/-/commit/1490431e40e22052f75a0b3449f1f53cbd27ba92.patch
-Conflict:NA
----
- lib/HTTP/Tiny.pm | 20 +++++++++-----------
- 1 file changed, 9 insertions(+), 11 deletions(-)
-
-diff --git a/lib/HTTP/Tiny.pm b/lib/HTTP/Tiny.pm
-index 83ca06d..55b751c 100644
---- a/lib/HTTP/Tiny.pm
-+++ b/lib/HTTP/Tiny.pm
-@@ -41,7 +41,7 @@ sub _croak { require Carp; Carp::croak(@_) }
- #pod   read or write takes longer than the timeout, the request response status code
- #pod   will be 599.
- #pod * C<verify_SSL> — A boolean that indicates whether to validate the SSL
--#pod   certificate of an C<https> — connection (default is false)
-+#pod   certificate of an C<https> — connection (default is true)
- #pod * C<SSL_options> — A hashref of C<SSL_*> — options to pass through to
- #pod   L<IO::Socket::SSL>
- #pod
-@@ -115,7 +115,7 @@ sub new {
-         max_redirect => 5,
-         timeout      => defined $args{timeout} ? $args{timeout} : 60,
-         keep_alive   => 1,
--        verify_SSL   => $args{verify_SSL} || $args{verify_ssl} || 0, # no verification by default
-+        verify_SSL   => $args{verify_SSL} // $args{verify_ssl} // 1, # verification by default
-         no_proxy     => $ENV{no_proxy},
-     };
- 
-@@ -1055,7 +1055,7 @@ sub new {
-         timeout          => 60,
-         max_line_size    => 16384,
-         max_header_lines => 64,
--        verify_SSL       => 0,
-+        verify_SSL       => 1,
-         SSL_options      => {},
-         %args
-     }, $class;
-@@ -1797,7 +1797,7 @@ C<timeout> — Request timeout in seconds (default is 60) If a socket open, read
- 
- =item *
- 
--C<verify_SSL> — A boolean that indicates whether to validate the SSL certificate of an C<https> — connection (default is false)
-+C<verify_SSL> — A boolean that indicates whether to validate the SSL certificate of an C<https> — connection (default is true)
- 
- =item *
- 
-@@ -2069,7 +2069,7 @@ Verification of server identity
- 
- =back
- 
--B<By default, HTTP::Tiny does not verify server identity>.
-+B<By default, HTTP::Tiny verifies server identity>.
- 
- Server identity verification is controversial and potentially tricky because it
- depends on a (usually paid) third-party Certificate Authority (CA) trust model
-@@ -2077,16 +2077,14 @@ to validate a certificate as legitimate.  This discriminates against servers
- with self-signed certificates or certificates signed by free, community-driven
- CA's such as L<CAcert.org|http://cacert.org>.
- 
--By default, HTTP::Tiny does not make any assumptions about your trust model,
--threat level or risk tolerance.  It just aims to give you an encrypted channel
--when you need one.
--
- Setting the C<verify_SSL> attribute to a true value will make HTTP::Tiny verify
- that an SSL connection has a valid SSL certificate corresponding to the host
- name of the connection and that the SSL certificate has been verified by a CA.
- Assuming you trust the CA, this will protect against a L<man-in-the-middle
--attack|http://en.wikipedia.org/wiki/Man-in-the-middle_attack>.  If you are
--concerned about security, you should enable this option.
-+attack|http://en.wikipedia.org/wiki/Man-in-the-middle_attack>.
-+
-+If you are not concerned about security, and this default causes
-+problems, you should disable this option.
- 
- Certificate verification requires a file containing trusted CA certificates.
- 
--- 
-2.27.0
-
diff --git a/perl-HTTP-Tiny.spec b/perl-HTTP-Tiny.spec
index bb9da7d..47bbffe 100644
--- a/perl-HTTP-Tiny.spec
+++ b/perl-HTTP-Tiny.spec
@@ -1,13 +1,11 @@
 Name:           perl-HTTP-Tiny
-Version:        0.080
-Release:        2
+Version:        0.088
+Release:        1
 Summary:        A small, simple, correct HTTP/1.1 client
 License:        GPL+ or Artistic
 URL:            https://metacpan.org/release/HTTP-Tiny
 Source0:        https://cpan.metacpan.org/authors/id/D/DA/DAGOLDEN/HTTP-Tiny-%{version}.tar.gz
 
-Patch6000:      backport-CVE-2023-31486.patch
-
 BuildArch:      noarch
 
 BuildRequires:  make perl-generators perl-interpreter
@@ -66,6 +64,9 @@ make test
 %{_mandir}/man3/*
 
 %changelog
+* Wed Jul 19 2023 dongyuzhen <dongyuzhen@h-partners.com> - 0.088-1
+- upgrade version to 0.088
+
 * Mon Jun 26 2023 yangmingtai <yangmingtai@huawei.com> - 0.080-2
 - fix CVE-2023-31486