--- rpms/openssl/sme8/openssl.spec	2014/09/02 22:22:35	1.4
+++ rpms/openssl/sme8/openssl.spec	2014/10/18 10:06:56	1.5
@@ -21,7 +21,7 @@
 Summary: The OpenSSL toolkit
 Name: openssl
 Version: 0.9.8e
-Release: 28%{?dist}
+Release: 31.1%{?dist}
 # The tarball is based on the openssl-fips-1.2.0-test.tar.gz tarball
 Source: openssl-fips-%{version}-usa.tar.bz2
 Source1: hobble-openssl
@@ -100,6 +100,7 @@ Patch110: openssl-fips-0.9.8e-cve-2014-3
 Patch111: openssl-fips-0.9.8e-cve-2014-3506.patch
 Patch112: openssl-fips-0.9.8e-cve-2014-3508.patch
 Patch113: openssl-fips-0.9.8e-cve-2014-3510.patch
+Patch114: openssl-fips-0.9.8e-fallback-scsv.patch
 
 License: BSDish
 Group: System Environment/Libraries
@@ -207,6 +208,7 @@ from other formats to the formats used b
 %patch111 -p1 -b .dtls-sizechecks
 %patch112 -p1 -b .oid-handling
 %patch113 -p1 -b .adh-dos
+%patch114 -p1 -b .fallback-scsv
 
 # Modify the various perl scripts to reference perl in the right location.
 perl util/perlpath.pl `dirname %{__perl}`
@@ -460,9 +462,13 @@ rm -rf $RPM_BUILD_ROOT/%{_bindir}/openss
 %postun -p /sbin/ldconfig
 
 %changelog
-* Tue Sep  2 2014 Charlie Brady <charlie_brady@mitel.com> 0.9.8e-28.el5.sme
+* Sat Oct 18 2014 Daniel Berteaud <daniel@firewall-services.com> 0.9.8e-31.1.el5.sme
 - update with ca-bundle.crt from SME 9 [SME: 8208]
 
+* Wed Oct 15 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-31
+- add support for fallback SCSV to partially mitigate CVE-2014-3566
+  (padding attack on SSL3)
+
 * Fri Aug  8 2014 Tomas Mraz <tmraz@redhat.com> 0.9.8e-27.4
 - fix CVE-2014-0221 - recursion in DTLS code leading to DoS
 - fix CVE-2014-3505 - doublefree in DTLS packet processing