diff --git a/net/vsftpd/Makefile b/net/vsftpd/Makefile
index 4e75f75b9..241808cb0 100644
--- a/net/vsftpd/Makefile
+++ b/net/vsftpd/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=vsftpd
-PKG_VERSION:=3.0.3
-PKG_RELEASE:=3
+PKG_VERSION:=3.0.4
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://security.appspot.com/downloads/
-PKG_HASH:=9d4d2bf6e6e2884852ba4e69e157a2cecd68c5a7635d66a3a8cf8d898c955ef7
+PKG_HASH:=6b9421bd27e8a6cdeed5b31154f294a20b003a11a26c09500715a0a6b1b86a26
 
 PKG_MAINTAINER:=Cezary Jackiewicz <cezary@eko.one.pl>
 PKG_LICENSE:=GPLv2
diff --git a/net/vsftpd/patches/003-chroot.patch b/net/vsftpd/patches/003-chroot.patch
index 8965da417..355e219f7 100644
--- a/net/vsftpd/patches/003-chroot.patch
+++ b/net/vsftpd/patches/003-chroot.patch
@@ -1,6 +1,6 @@
 --- a/tunables.c
 +++ b/tunables.c
-@@ -254,7 +254,7 @@ tunables_load_defaults()
+@@ -261,7 +261,7 @@ tunables_load_defaults()
    /* -rw------- */
    tunable_chown_upload_mode = 0600;
  
diff --git a/net/vsftpd/patches/010-openssl-deprecated.patch b/net/vsftpd/patches/010-openssl-deprecated.patch
index 0db80b975..e7c06a803 100644
--- a/net/vsftpd/patches/010-openssl-deprecated.patch
+++ b/net/vsftpd/patches/010-openssl-deprecated.patch
@@ -20,7 +20,7 @@ Signed-off-by: Rosen Penev <rosenp@gmail.com>
  #include <errno.h>
  #include <limits.h>
  
-@@ -59,8 +62,12 @@ ssl_init(struct vsf_session* p_sess)
+@@ -66,8 +69,12 @@ ssl_init(struct vsf_session* p_sess)
      SSL_CTX* p_ctx;
      long options;
      int verify_option = 0;
@@ -33,7 +33,7 @@ Signed-off-by: Rosen Penev <rosenp@gmail.com>
      if (p_ctx == NULL)
      {
        die("SSL: could not allocate SSL context");
-@@ -120,6 +127,7 @@ ssl_init(struct vsf_session* p_sess)
+@@ -139,6 +146,7 @@ ssl_init(struct vsf_session* p_sess)
      {
        die("SSL: RNG is not seeded");
      }
@@ -41,7 +41,7 @@ Signed-off-by: Rosen Penev <rosenp@gmail.com>
      {
        EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
        if (key == NULL)
-@@ -129,6 +137,7 @@ ssl_init(struct vsf_session* p_sess)
+@@ -148,6 +156,7 @@ ssl_init(struct vsf_session* p_sess)
        SSL_CTX_set_tmp_ecdh(p_ctx, key);
        EC_KEY_free(key);
      }
@@ -49,7 +49,7 @@ Signed-off-by: Rosen Penev <rosenp@gmail.com>
      if (tunable_ssl_request_cert)
      {
        verify_option |= SSL_VERIFY_PEER;
-@@ -660,7 +669,9 @@ ssl_cert_digest(SSL* p_ssl, struct vsf_s
+@@ -685,7 +694,9 @@ ssl_cert_digest(SSL* p_ssl, struct vsf_s
  static char*
  get_ssl_error()
  {