diff --git a/0012-Disable-explicit-ec.patch b/0012-Disable-explicit-ec.patch
index 3b3e821..a1df020 100644
--- a/0012-Disable-explicit-ec.patch
+++ b/0012-Disable-explicit-ec.patch
@@ -38,3 +38,43 @@ diff -up openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c.disable_expl
      return EC_KEY_set_group(ec, group) > 0;
  }
  
+diff -up openssl-3.0.1/providers/common/securitycheck.c.disable_explicit_ec openssl-3.0.1/providers/common/securitycheck.c
+--- openssl-3.0.1/providers/common/securitycheck.c.disable_explicit_ec	2022-02-25 11:44:19.554673396 +0100
++++ openssl-3.0.1/providers/common/securitycheck.c	2022-02-25 12:16:38.168610089 +0100
+@@ -93,22 +93,22 @@ int ossl_rsa_check_key(OSSL_LIB_CTX *ctx
+ int ossl_ec_check_key(OSSL_LIB_CTX *ctx, const EC_KEY *ec, int protect)
+ {
+ # if !defined(OPENSSL_NO_FIPS_SECURITYCHECKS)
+-    if (ossl_securitycheck_enabled(ctx)) {
+-        int nid, strength;
+-        const char *curve_name;
+-        const EC_GROUP *group = EC_KEY_get0_group(ec);
++    int nid, strength;
++    const char *curve_name;
++    const EC_GROUP *group = EC_KEY_get0_group(ec);
+ 
+-        if (group == NULL) {
+-            ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, "No group");
+-            return 0;
+-        }
+-        nid = EC_GROUP_get_curve_name(group);
+-        if (nid == NID_undef) {
+-            ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE,
+-                           "Explicit curves are not allowed in fips mode");
+-            return 0;
+-        }
++    if (group == NULL) {
++        ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, "No group");
++        return 0;
++    }
++    nid = EC_GROUP_get_curve_name(group);
++    if (nid == NID_undef) {
++        ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE,
++                       "Explicit curves are not allowed in this build");
++        return 0;
++    }
+ 
++    if (ossl_securitycheck_enabled(ctx)) {
+         curve_name = EC_curve_nid2nist(nid);
+         if (curve_name == NULL) {
+             ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE,
diff --git a/openssl.spec b/openssl.spec
index 33f1ca2..81356fe 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -15,7 +15,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 3.0.1
-Release: 12%{?dist}
+Release: 13%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -412,6 +412,10 @@ install -m644 %{SOURCE9} \
 %ldconfig_scriptlets libs
 
 %changelog
+* Fri Feb 25 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-13
+- OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
+- Resolves: rhbz#1977867
+
 * Thu Feb 24 2022 Peter Robinson <pbrobinson@fedoraproject.org> - 1:3.0.1-12
 - Support KBKDF (NIST SP800-108) with an R value of 8bits
 - Resolves: rhbz#2027261