diff --git a/SOURCES/openssl-1.0.1e-new-fips-reqs.patch b/SOURCES/openssl-1.0.1e-new-fips-reqs.patch
index 40527ef..0fe712a 100644
--- a/SOURCES/openssl-1.0.1e-new-fips-reqs.patch
+++ b/SOURCES/openssl-1.0.1e-new-fips-reqs.patch
@@ -1117,42 +1117,6 @@ diff -up openssl-1.0.1e/crypto/fips/Makefile.fips-reqs openssl-1.0.1e/crypto/fip
  
  LIBCRYPTO=-L.. -lcrypto
  
-diff -up openssl-1.0.1e/crypto/modes/gcm128.c.fips-reqs openssl-1.0.1e/crypto/modes/gcm128.c
---- openssl-1.0.1e/crypto/modes/gcm128.c.fips-reqs	2013-02-11 16:26:04.000000000 +0100
-+++ openssl-1.0.1e/crypto/modes/gcm128.c	2013-12-18 12:17:09.800637730 +0100
-@@ -898,6 +898,10 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT
- # endif
- #endif
- 
-+	ctx->totlen += len;
-+	if (ctx->totlen>(U64(1)<<36) || (sizeof(len)==8 && ctx->totlen<len))
-+		return -1;
-+
- #if 0
- 	n = (unsigned int)mlen%16; /* alternative to ctx->mres */
- #endif
-@@ -1200,6 +1204,10 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_C
- # endif
- #endif
- 
-+	ctx->totlen += len;
-+	if (ctx->totlen>(U64(1)<<36) || (sizeof(len)==8 && ctx->totlen<len))
-+		return -1;
-+
- 	mlen += len;
- 	if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len))
- 		return -1;
-diff -up openssl-1.0.1e/crypto/modes/modes_lcl.h.fips-reqs openssl-1.0.1e/crypto/modes/modes_lcl.h
---- openssl-1.0.1e/crypto/modes/modes_lcl.h.fips-reqs	2013-12-18 12:17:09.388628895 +0100
-+++ openssl-1.0.1e/crypto/modes/modes_lcl.h	2013-12-18 12:17:09.800637730 +0100
-@@ -115,6 +115,7 @@ struct gcm128_context {
- 	unsigned int mres, ares;
- 	block128_f block;
- 	void *key;
-+	u64 totlen;
- };
- 
- struct xts128_context {
 diff -up openssl-1.0.1e/crypto/rand/md_rand.c.fips-reqs openssl-1.0.1e/crypto/rand/md_rand.c
 --- openssl-1.0.1e/crypto/rand/md_rand.c.fips-reqs	2013-12-18 12:17:09.763636936 +0100
 +++ openssl-1.0.1e/crypto/rand/md_rand.c	2013-12-18 12:17:09.800637730 +0100
diff --git a/SPECS/openssl.spec b/SPECS/openssl.spec
index 87367a0..51bf6a5 100644
--- a/SPECS/openssl.spec
+++ b/SPECS/openssl.spec
@@ -23,7 +23,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.0.1e
-Release: 42%{?dist}.4
+Release: 42%{?dist}.5
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -564,6 +564,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 %postun libs -p /sbin/ldconfig
 
 %changelog
+* Thu Mar 26 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-42.5
+- drop the AES-GCM restriction of 2^32 operations because the IV is
+  always 96 bits (32 bit fixed field + 64 bit invocation field)
+
 * Thu Mar 19 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-42.4
 - update fix for CVE-2015-0287 to what was released upstream