diff --git a/IO-Socket-SSL-2.021-use-system-default-SSL-version.patch b/IO-Socket-SSL-2.023-use-system-default-SSL-version.patch
similarity index 98%
rename from IO-Socket-SSL-2.021-use-system-default-SSL-version.patch
rename to IO-Socket-SSL-2.023-use-system-default-SSL-version.patch
index 5f89425..0354427 100644
--- a/IO-Socket-SSL-2.021-use-system-default-SSL-version.patch
+++ b/IO-Socket-SSL-2.023-use-system-default-SSL-version.patch
@@ -9,7 +9,7 @@
      SSL_verify_callback => undef,
      SSL_verifycn_scheme => undef,  # fallback cn verification
      SSL_verifycn_publicsuffix => undef,  # fallback default list verification
-@@ -2167,7 +2167,7 @@ sub new {
+@@ -2172,7 +2172,7 @@ sub new {
      $ssl_op |= &Net::SSLeay::OP_SINGLE_DH_USE;
      $ssl_op |= &Net::SSLeay::OP_SINGLE_ECDH_USE if $can_ecdh;
  
diff --git a/perl-IO-Socket-SSL.spec b/perl-IO-Socket-SSL.spec
index 5c123ac..370bc71 100644
--- a/perl-IO-Socket-SSL.spec
+++ b/perl-IO-Socket-SSL.spec
@@ -1,5 +1,5 @@
 Name:		perl-IO-Socket-SSL
-Version:	2.022
+Version:	2.023
 Release:	1%{?dist}
 Summary:	Perl library for transparent SSL
 Group:		Development/Libraries
@@ -7,7 +7,7 @@ License:	GPL+ or Artistic
 URL:		http://search.cpan.org/dist/IO-Socket-SSL/
 Source0:	http://search.cpan.org/CPAN/authors/id/S/SU/SULLR/IO-Socket-SSL-%{version}.tar.gz
 Patch0:		IO-Socket-SSL-2.021-use-system-default-cipher-list.patch
-Patch1:		IO-Socket-SSL-2.021-use-system-default-SSL-version.patch
+Patch1:		IO-Socket-SSL-2.023-use-system-default-SSL-version.patch
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu)
 BuildArch:	noarch
 # Module Build
@@ -115,6 +115,15 @@ rm -rf %{buildroot}
 %{_mandir}/man3/IO::Socket::SSL::Utils.3*
 
 %changelog
+* Sat Jan 30 2016 Paul Howarth <paul@city-fan.org> - 2.023-1
+- Update to 2.023
+  - OpenSSL 1.0.2f changed the behavior of SSL shutdown in case the TLS
+    connection was not fully established, which somehow resulted in
+    Net::SSLeay::shutdown returning 0 (i.e. keep trying) and hence an endless
+    loop; it will now ignore this result in case the TLS connection was not
+    yet established and consider the TLS connection closed instead
+- Update patches as needed
+
 * Thu Dec 10 2015 Paul Howarth <paul@city-fan.org> - 2.022-1
 - Update to 2.022
   - Fix stringification of IPv6 inside subjectAltNames in Utils::CERT_asHash
diff --git a/sources b/sources
index 9877046..bd22d08 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-a5f284d543aec4a6fcd595eb5fc8898b  IO-Socket-SSL-2.022.tar.gz
+89df81cbc1c477937fdcfa8fea173a48  IO-Socket-SSL-2.023.tar.gz