diff --git a/openssl-1.1.0-cert-req.patch b/openssl-1.1.0-cert-req.patch
new file mode 100644
index 0000000..f448af0
--- /dev/null
+++ b/openssl-1.1.0-cert-req.patch
@@ -0,0 +1,21 @@
+diff -up openssl-1.1.0c/ssl/statem/statem.c.certreq openssl-1.1.0c/ssl/statem/statem.c
+--- openssl-1.1.0c/ssl/statem/statem.c.certreq	2016-11-10 15:03:46.000000000 +0100
++++ openssl-1.1.0c/ssl/statem/statem.c	2016-11-30 14:23:14.274758723 +0100
+@@ -361,6 +361,8 @@ static int state_machine(SSL *s, int ser
+                  */
+                 s->ctx->stats.sess_accept_renegotiate++;
+             }
++
++            s->s3->tmp.cert_request = 0;
+         } else {
+             s->ctx->stats.sess_connect++;
+ 
+@@ -368,7 +370,7 @@ static int state_machine(SSL *s, int ser
+             memset(s->s3->client_random, 0, sizeof(s->s3->client_random));
+             s->hit = 0;
+ 
+-            s->s3->tmp.cert_request = 0;
++            s->s3->tmp.cert_req = 0;
+ 
+             if (SSL_IS_DTLS(s)) {
+                 st->use_timer = 1;
diff --git a/openssl.spec b/openssl.spec
index 065f9f3..bb7d0ba 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -22,7 +22,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.1.0c
-Release: 2%{?dist}
+Release: 3%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -60,6 +60,8 @@ Patch41: openssl-1.1.0-system-cipherlist.patch
 Patch42: openssl-1.1.0-fips.patch
 Patch43: openssl-1.1.0-afalg-eventfd2.patch
 # Backported fixes including security fixes
+Patch60: openssl-1.1.0-sslread-revert.patch
+Patch61: openssl-1.1.0-cert-req.patch
 
 License: OpenSSL
 Group: System Environment/Libraries
@@ -159,6 +161,9 @@ cp %{SOURCE13} test/
 %patch42 -p1 -b .fips
 %patch43 -p1 -b .eventfd2
 
+%patch60 -p1 -b .sslread-revert
+%patch61 -p1 -b .cert-req
+
 %build
 # Figure out which flags we want to use.
 # default
@@ -425,8 +430,11 @@ export LD_LIBRARY_PATH
 %postun libs -p /sbin/ldconfig
 
 %changelog
-* Tue Nov 22 2016 Tomáš Mráz <tmraz@redhat.com> 1.1.0c-2
+* Wed Nov 30 2016 Tomáš Mráz <tmraz@redhat.com> 1.1.0c-3
 - revert SSL_read() behavior change - patch from upstream (#1394677)
+- fix behavior on client certificate request in renegotiation (#1393579)
+
+* Tue Nov 22 2016 Tomáš Mráz <tmraz@redhat.com> 1.1.0c-2
 - EC curve NIST P-224 is now allowed, still kept disabled in TLS due
   to less than optimal security