--- PKGBUILD	2014-05-09 12:46:02.898326342 +0200
+++ PKGBUILD	2014-05-09 13:10:53.426337948 +0200
@@ -6,7 +6,7 @@
 # use a pacman compatible version scheme
 pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
 #pkgver=$_ver
-pkgrel=1
+pkgrel=2
 pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
 arch=('i686' 'x86_64')
 url='https://www.openssl.org'
@@ -19,12 +19,16 @@
         "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc"
         'no-rpath.patch'
         'ca-dir.patch'
-        'openssl-1.0.1f-perl-5.18.patch')
-md5sums=('de62b43dfcd858e66a74bee1c834e959'
-         'SKIP'
-         'dc78d3d06baffc16217519242ce92478'
-         '3bf51be3a1bbd262be46dc619f92aa90'
-         'ea2a61c8bd43788d81d98f1ac36c98ac')
+        'openssl-1.0.1f-perl-5.18.patch'
+        '008_openssl.patch'
+        '009_openssl.patch')
+sha1sums=('b28b3bcb1dc3ee7b55024c9f795be60eb3183e3c'
+          'SKIP'
+          'ed1f88f5dc6f47b4373d3ff03bcb12e85e54ebae'
+          '41da8f565f69dc76b01a6d60b3bedd6ba527089b'
+          '9a15d0770c2dfea689434a5c280d5cc7024290c1'
+          '259b59339f2fd96b1888084440d74485cda34b4f'
+          'b9ae599f8bd8c282300d3e2c35b9f56950eecce0')
 
 prepare() {
 	cd $srcdir/$pkgname-$_ver
@@ -35,6 +39,11 @@
 	patch -p0 -i $srcdir/ca-dir.patch
 
 	patch -p1 -i $srcdir/openssl-1.0.1f-perl-5.18.patch
+
+	# OpenBSD patch for CVE-2010-5298, CVE-2014-0198:
+	# http://www.openbsd.org/errata54.html
+	patch -p1 -i $srcdir/008_openssl.patch
+	patch -p3 -i $srcdir/009_openssl.patch
 }
 
 build() {