Index: trunk/server/fedora/Makefile
===================================================================
--- trunk/server/fedora/Makefile	(revision 2742)
+++ trunk/server/fedora/Makefile	(revision 2743)
@@ -19,5 +19,5 @@
 # See /COPYRIGHT in this repository for more information.
 
-upstream_yum	= krb5 krb5.i686 httpd openssh libgsasl
+upstream_yum	= krb5 krb5.i686 httpd openssh libgsasl openssl openssl.i686
 hackage		= cgi-3001.1.8.5 unix-handle-0.0.0
 upstream_hackage = ghc-cgi ghc-unix-handle
Index: trunk/server/fedora/specs/openssl.spec.patch
===================================================================
--- trunk/server/fedora/specs/openssl.spec.patch	(revision 2743)
+++ trunk/server/fedora/specs/openssl.spec.patch	(revision 2743)
@@ -0,0 +1,29 @@
+--- openssl.spec.orig	2015-12-03 22:15:29.139540047 -0500
++++ openssl.spec	2015-12-03 22:16:46.418241254 -0500
+@@ -21,7 +21,7 @@
+ Summary: Utilities from the general purpose cryptography library with TLS implementation
+ Name: openssl
+ Version: 1.0.1e
+-Release: 42%{?dist}
++Release: 42%{?dist}.scripts.%{scriptsversion}
+ Epoch: 1
+ # We have to remove certain patented algorithms from the openssl source
+ # tarball with the hobble-openssl script which is included below.
+@@ -123,6 +123,8 @@
+ Patch127: openssl-1.0.1e-cve-2015-0292.patch
+ Patch128: openssl-1.0.1e-cve-2015-0293.patch
+ 
++Patch1000: openssl-1.0.1e-cve-2015-3195.patch
++
+ License: OpenSSL
+ Group: System Environment/Libraries
+ URL: http://www.openssl.org/
+@@ -280,6 +282,8 @@
+ %patch127 -p1 -b .b64-underflow
+ %patch128 -p1 -b .ssl2-assert
+ 
++%patch1000 -p1 -b .x509-leak
++
+ sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
+ 
+ # Modify the various perl scripts to reference perl in the right location.