diff --git a/0001-mlogc-Changes-the-default-SSL-algo-to-TLS-1.2.patch b/0001-mlogc-Changes-the-default-SSL-algo-to-TLS-1.2.patch
new file mode 100644
index 0000000..3f8a93f
--- /dev/null
+++ b/0001-mlogc-Changes-the-default-SSL-algo-to-TLS-1.2.patch
@@ -0,0 +1,28 @@
+From 84f2299f6b3b56cf5342ad378c3641be548bf79c Mon Sep 17 00:00:00 2001
+From: Felipe Zimmerle
+Date: Mon, 3 Nov 2014 10:13:21 -0800
+Subject: [PATCH] mlogc: Changes the default SSL algo to TLS 1.2
+
+As reported by Josh Amishav-Zlatin, mlogc was making usage of SSLv3 instead of
+TLS 1.2. Servers should not answer SSLv3 after poodle.
+---
+ mlogc/mlogc.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/mlogc/mlogc.c b/mlogc/mlogc.c
+index 4163230..c4b2a23 100644
+--- a/mlogc/mlogc.c
++++ b/mlogc/mlogc.c
+@@ -1218,8 +1218,8 @@ static void logc_init(void)
+ curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
+- /* SSLv3 works better overall as some servers have issues with TLS */
+- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3);
++ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
++
+ curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 15);
+ curl_easy_setopt(curl, CURLOPT_NOSIGNAL, TRUE);
+ curl_easy_setopt(curl, CURLOPT_HEADER, TRUE);
+--
+1.9.1
\ No newline at end of file
diff --git a/mod_security.spec b/mod_security.spec
index 857743d..83dcc8e 100644
--- a/mod_security.spec
+++ b/mod_security.spec
@@ -10,7 +10,7 @@
 Summary: Security module for the Apache HTTP Server
 Name: mod_security
 Version: 2.8.0
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: ASL 2.0
 URL: http://www.modsecurity.org/
 Group: System Environment/Daemons
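Review bot: The two context lines above the changed `CURLOPT_SSLVERSION` call in the embedded mlogc.c hunk still set `CURLOPT_SSL_VERIFYPEER` to `FALSE` and `CURLOPT_SSL_VERIFYHOST` to `0`, so the move to TLS 1.2 removes the SSLv3/POODLE exposure but the client still accepts any certificate, and the audit-log payload and Basic-auth credentials stay exposed to interception. A follow-up should turn verification on by default, `curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L);` and `curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2L);`, with an explicit opt-out for deployments that use self-signed certificates. The deleted SSLv3 comment is replaced by a blank line; a short `/* Require TLS 1.2: SSLv3 is disabled because of POODLE */` would record the reason, and the setopt return value is worth checking because, as far as I know, `CURL_SSLVERSION_TLSv1_2` needs libcurl 7.34.0 or later. logc_init's body starts and ends outside the hunk.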
@@ -18,6 +18,7 @@ Source: https://www.modsecurity.org/tarball/%{version}/modsecurity-%{version}.ta
 Source1: mod_security.conf
 Source2: 10-mod_security.conf
 Source3: modsecurity_localrules.conf
+Patch0: 0001-mlogc-Changes-the-default-SSL-algo-to-TLS-1.2.patch
 Requires: httpd httpd-mmn = %{_httpd_mmn}
 BuildRequires: httpd-devel libxml2-devel pcre-devel curl-devel lua-devel
@@ -38,6 +39,7 @@ This package contains the ModSecurity Audit Log Collector.
 %prep
 %setup -q -n modsecurity-%{version}
+%patch0 -p1
 %build
 %configure --enable-pcre-match-limit=1000000 \
@@ -120,6 +122,9 @@ rm -rf %{buildroot}
 %endif
 %changelog
+* Mon Nov 03 2014 Athmane Madjoudj 2.8.0-6
+- Changes the default SSL version to TLS 1.2 since SSLv3 is vulnerable to poodle
+
 * Sun Aug 17 2014 Fedora Release Engineering - 2.8.0-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild