diff --git a/openssl-1.0.1h-disable-sslv2v3.patch b/openssl-1.0.1h-disable-sslv2v3.patch
index 83afda0..7a028aa 100644
--- a/openssl-1.0.1h-disable-sslv2v3.patch
+++ b/openssl-1.0.1h-disable-sslv2v3.patch
@@ -5,8 +5,8 @@ diff -up openssl-1.0.1h/ssl/ssl_lib.c.v2v3 openssl-1.0.1h/ssl/ssl_lib.c
  	 */
  	ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
  
-+	/* Disable SSLv2 and SSLv3 by default (affects the SSLv23_method() only) */
-+	ret->options |= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
++	/* Disable SSLv2 by default (affects the SSLv23_method() only) */
++	ret->options |= SSL_OP_NO_SSLv2;
 +
  	return(ret);
  err:
diff --git a/openssl.spec b/openssl.spec
index bac101b..6d20a96 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -481,11 +481,6 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 * Fri Jan  9 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-1
 - new upstream release fixing multiple security issues
 
-* Thu Nov 20 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1j-3
-- disable SSLv3 by default again (mail servers and possibly
-  LDAP servers should probably allow it explicitly for legacy
-  clients)
-
 * Tue Oct 21 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1j-2
 - update the FIPS RSA keygen to be FIPS 186-4 compliant