diff --git a/.gitignore b/.gitignore
index b059147..1bdca22 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@
 /cryptography-2.1.4.tar.gz
 /cryptography-2.2.1.tar.gz
 /cryptography-2.3.tar.gz
+/cryptography-2.5.tar.gz
diff --git a/0001-Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch b/0001-Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch
deleted file mode 100644
index 288d3fb..0000000
--- a/0001-Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From 2716cd2fa55cc867656a3e797797f5a1386afd69 Mon Sep 17 00:00:00 2001
-From: Alex Gaynor <alex.gaynor@gmail.com>
-Date: Sun, 12 Aug 2018 15:48:24 -0400
-Subject: [PATCH] Fixed #4380 -- do not assume TLSv1 is available in OpenSSL
- (#4389)
-
-* Fixed #4380 -- do not assume TLSv1 is available in OpenSSL
-
-Hallelujah! It's starting to become the case that some OpenSSLs are disabling it.
-
-* cover this file as well
----
- tests/hazmat/backends/test_openssl.py | 2 +-
- tests/hazmat/bindings/test_openssl.py | 9 ++++++---
- 2 files changed, 7 insertions(+), 4 deletions(-)
-
-diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
-index 31b34cd0..e77f5dc3 100644
---- a/tests/hazmat/backends/test_openssl.py
-+++ b/tests/hazmat/backends/test_openssl.py
-@@ -115,7 +115,7 @@ class TestOpenSSL(object):
-         assert len(errors) == 10
- 
-     def test_ssl_ciphers_registered(self):
--        meth = backend._lib.TLSv1_method()
-+        meth = backend._lib.SSLv23_method()
-         ctx = backend._lib.SSL_CTX_new(meth)
-         assert ctx != backend._ffi.NULL
-         backend._lib.SSL_CTX_free(ctx)
-diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py
-index 488f64e1..f317f07f 100644
---- a/tests/hazmat/bindings/test_openssl.py
-+++ b/tests/hazmat/bindings/test_openssl.py
-@@ -37,7 +37,8 @@ class TestOpenSSL(object):
-         # Test that we're properly handling 32-bit unsigned on all platforms.
-         b = Binding()
-         assert b.lib.SSL_OP_ALL > 0
--        ctx = b.lib.SSL_CTX_new(b.lib.TLSv1_method())
-+        ctx = b.lib.SSL_CTX_new(b.lib.SSLv23_method())
-+        assert ctx != b.ffi.NULL
-         ctx = b.ffi.gc(ctx, b.lib.SSL_CTX_free)
-         current_options = b.lib.SSL_CTX_get_options(ctx)
-         resp = b.lib.SSL_CTX_set_options(ctx, b.lib.SSL_OP_ALL)
-@@ -49,7 +50,8 @@ class TestOpenSSL(object):
-         # Test that we're properly handling 32-bit unsigned on all platforms.
-         b = Binding()
-         assert b.lib.SSL_OP_ALL > 0
--        ctx = b.lib.SSL_CTX_new(b.lib.TLSv1_method())
-+        ctx = b.lib.SSL_CTX_new(b.lib.SSLv23_method())
-+        assert ctx != b.ffi.NULL
-         ctx = b.ffi.gc(ctx, b.lib.SSL_CTX_free)
-         ssl = b.lib.SSL_new(ctx)
-         ssl = b.ffi.gc(ssl, b.lib.SSL_free)
-@@ -63,7 +65,8 @@ class TestOpenSSL(object):
-         # Test that we're properly handling 32-bit unsigned on all platforms.
-         b = Binding()
-         assert b.lib.SSL_OP_ALL > 0
--        ctx = b.lib.SSL_CTX_new(b.lib.TLSv1_method())
-+        ctx = b.lib.SSL_CTX_new(b.lib.SSLv23_method())
-+        assert ctx != b.ffi.NULL
-         ctx = b.ffi.gc(ctx, b.lib.SSL_CTX_free)
-         ssl = b.lib.SSL_new(ctx)
-         ssl = b.ffi.gc(ssl, b.lib.SSL_free)
--- 
-2.17.1
-
diff --git a/python-cryptography.spec b/python-cryptography.spec
index ad29c28..717fcc5 100644
--- a/python-cryptography.spec
+++ b/python-cryptography.spec
@@ -10,16 +10,14 @@
 %global srcname cryptography
 
 Name:           python-%{srcname}
-Version:        2.3
-Release:        3%{?dist}
+Version:        2.5
+Release:        1%{?dist}
 Summary:        PyCA's cryptography library
 
 License:        ASL 2.0 or BSD
 URL:            https://cryptography.io/en/latest/
 Source0:        https://pypi.io/packages/source/c/%{srcname}/%{srcname}-%{version}.tar.gz
 
-Patch0001:      0001-Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch
-
 BuildRequires:  openssl-devel
 BuildRequires:  gcc
 
@@ -131,14 +129,10 @@ popd
 
 
 %check
-# workaround for pytest 3.2.0 bug https://github.com/pytest-dev/pytest/issues/2644
-rm -f tests/hazmat/primitives/test_padding.py
 %{__python2} setup.py test
 
 %if 0%{?with_python3}
 pushd %{py3dir}
-# workaround for pytest 3.2.0 bug https://github.com/pytest-dev/pytest/issues/2644
-rm -f tests/hazmat/primitives/test_padding.py
 %{__python3} setup.py test
 popd
 %endif
@@ -160,6 +154,9 @@ popd
 
 
 %changelog
+* Wed Feb 13 2019 Alfredo Moralejo <amoralej@redhat.com> - 2.5-1
+- Updated to 2.5.
+
 * Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.3-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
 
diff --git a/sources b/sources
index b8c32ea..d7ff933 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (cryptography-2.3.tar.gz) = 75e14020da500fdbbd578f004b22ef3237844185329adf59288b29f1b3ee9dd2005a2c4a933fe8609a59d168012a9f687bab0f31ab39ed6ca325198aa9295e52
+SHA512 (cryptography-2.5.tar.gz) = 5e8f8818fcaa8143526006b027107b8afbdc925d40c846701e65b2c7ee02235b7e0918246515520ef2030b1c87bb157d0d403c28ad68c31459d677af7e2d0b3f