diff --git a/perl-IO-Socket-SSL.spec b/perl-IO-Socket-SSL.spec
index feaed8a..577778e 100644
--- a/perl-IO-Socket-SSL.spec
+++ b/perl-IO-Socket-SSL.spec
@@ -1,8 +1,8 @@
 Name:		perl-IO-Socket-SSL
 Version:	2.066
-Release:	3%{?dist}
+Release:	4%{?dist}
 Summary:	Perl library for transparent SSL
-License:	GPL+ or Artistic
+License:	(GPL+ or Artistic) and MPLv2.0
 URL:		https://metacpan.org/release/IO-Socket-SSL
 Source0:	https://cpan.metacpan.org/modules/by-module/IO/IO-Socket-SSL-%{version}.tar.gz
 Patch0:		IO-Socket-SSL-2.066-use-system-default-cipher-list.patch
@@ -36,8 +36,6 @@ BuildRequires:	perl(strict)
 BuildRequires:	perl(vars)
 BuildRequires:	perl(warnings)
 # Test Suite
-# openssl for Test-client-performs-Post-Handshake-Authentication.patch
-BuildRequires:	openssl
 BuildRequires:	perl(Data::Dumper)
 BuildRequires:	perl(File::Temp)
 BuildRequires:	perl(FindBin)
@@ -109,18 +107,26 @@ find %{buildroot} -type f -name .packlist -delete
 make test
 
 %files
+# GPL+ or Artistic
 %doc BUGS Changes README docs/ certs/ example/
 %dir %{perl_vendorlib}/IO/
 %dir %{perl_vendorlib}/IO/Socket/
+%dir %{perl_vendorlib}/IO/Socket/SSL/
 %doc %{perl_vendorlib}/IO/Socket/SSL.pod
 %{perl_vendorlib}/IO/Socket/SSL.pm
-%{perl_vendorlib}/IO/Socket/SSL/
+%{perl_vendorlib}/IO/Socket/SSL/Intercept.pm
+%{perl_vendorlib}/IO/Socket/SSL/Utils.pm
 %{_mandir}/man3/IO::Socket::SSL.3*
 %{_mandir}/man3/IO::Socket::SSL::Intercept.3*
-%{_mandir}/man3/IO::Socket::SSL::PublicSuffix.3*
 %{_mandir}/man3/IO::Socket::SSL::Utils.3*
+# MPLv2.0
+%{perl_vendorlib}/IO/Socket/SSL/PublicSuffix.pm
+%{_mandir}/man3/IO::Socket::SSL::PublicSuffix.3*
 
 %changelog
+* Wed Jun 26 2019 Paul Howarth <paul@city-fan.org> - 2.066-4
+- PublicSuffix.pm is licensed MPLv2.0 (#1724169)
+
 * Mon Jun 17 2019 Petr Pisar <ppisar@redhat.com> - 2.066-3
 - Skip a PHA test if Net::SSLeay does not expose the PHA (bug #1632660)
 
@@ -131,7 +137,7 @@ make test
 - Update to 2.066
   - Make sure that Net::SSLeay::CTX_get0_param is defined before using
     X509_V_FLAG_PARTIAL_CHAIN; Net::SSLeay 1.85 defined only the second with
-    LibreSSL 2.7.4 but not the first (CPAN RT#=128716)
+    LibreSSL 2.7.4 but not the first (CPAN RT#128716)
   - Prefer AES for server side cipher default since it is usually
     hardware-accelerated
   - Fix test t/verify_partial_chain.t by using the newly exposed function