diff --git a/openssl-0.9.8b-cve-2006-2940.patch b/openssl-0.9.8b-cve-2006-2940.patch
index 657b857..47f511b 100644
--- a/openssl-0.9.8b-cve-2006-2940.patch
+++ b/openssl-0.9.8b-cve-2006-2940.patch
@@ -53,7 +53,7 @@ diff -u -r1.24.2.3 dh_key.c
 + if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
 + {
 + DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
-+ goto err;
++ return -1;
 + }
 +
 ctx = BN_CTX_new();
diff --git a/openssl.spec b/openssl.spec
index 33ec11a..0360ff7 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -21,7 +21,7 @@
 Summary: The OpenSSL toolkit
 Name: openssl
 Version: 0.9.8b
-Release: 7
+Release: 8
 Source: openssl-%{version}-usa.tar.bz2
 Source1: hobble-openssl
 Source2: Makefile.certificate
@@ -363,6 +363,9 @@ rm -rf $RPM_BUILD_ROOT/%{_bindir}/openssl_fips_fingerprint
 %postun -p /sbin/ldconfig
 %changelog
+* Mon Oct 2 2006 Tomas Mraz 0.9.8b-8
+- CVE-2006-2940 fix was incorrect (#208744)
+
 * Mon Sep 25 2006 Tomas Mraz 0.9.8b-7
 - fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)
 - fix CVE-2006-2940 - parasitic public keys DoS (#207274)
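Review bot: The new `return -1;` in the dh_key.c modulus-size check (first hunk, in openssl-0.9.8b-cve-2006-2940.patch) bypasses the function's `err:` cleanup path, and neither the patch nor the changelog entry records why that is required. From the visible lines the check runs before `ctx = BN_CTX_new();`, so presumably the earlier `goto err` reached cleanup code while `ctx` was still unassigned; the declaration of `ctx` and the `err:` label are outside the hunk, so this is inferred. I would put a comment above the return, `/* ctx is not allocated yet: must not jump to err: */`, so a later edit does not restore the goto or move an allocation above the check. An alternative that keeps a single exit path is to initialise `ctx` to NULL where it is declared and leave `goto err` in place. Any other size checks this patch adds ahead of an allocation (not visible here) deserve the same review.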