diff --git a/debian/control b/debian/control
index 08b2e79109..b25731c529 100644
--- a/debian/control
+++ b/debian/control
@@ -25,8 +25,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ruby | ruby-interpreter,
  gitlab-shell (>= 2.6.9),
  ruby-rails (>= 2:4.1~),
  ruby-rails (<< 2:5),
- ruby-sprockets (>= 2.12.3~),
- ruby-sprockets (<< 3),
+ ruby-sprockets (>= 3.3.0~),
  ruby-rails-autolink (>= 1.1~),
  ruby-default-value-for (>= 3~),
 #ruby-mysql2 | ruby-pg,
diff --git a/debian/patches/003-loosen-sprockets.patch b/debian/patches/003-loosen-sprockets.patch
new file mode 100644
index 0000000000..fa83588e6f
--- /dev/null
+++ b/debian/patches/003-loosen-sprockets.patch
@@ -0,0 +1,13 @@
+Index: gitlab/Gemfile
+===================================================================
+--- gitlab.orig/Gemfile
++++ gitlab/Gemfile
+@@ -8,7 +8,7 @@ gem 'responders', '~> 2.0'
+ 
+ # Specify a sprockets version due to security issue
+ # See https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY
+-gem 'sprockets', '~> 2.12.3'
++gem 'sprockets', '~> 3.3.0'
+ 
+ # Default values for AR models
+ gem "default_value_for", "~> 3.0.0"
diff --git a/debian/patches/series b/debian/patches/series
index ea1187cb69..debcb555c9 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,5 +1,6 @@
 loosen-rails-version.patch
 0002-loosen-devise.patch
+003-loosen-sprockets.patch
 0005-use-debian-omniauth-ldap.patch
 0015-loosen-carrierwave.patch
 0016-loosen-fog.patch