diff -Nru openssl-1.1.1f/debian/changelog openssl-1.1.1f/debian/changelog
--- openssl-1.1.1f/debian/changelog 2021-03-23 00:37:17.000000000 +1300
+++ openssl-1.1.1f/debian/changelog 2021-04-28 12:37:28.000000000 +1200
@@ -1,3 +1,14 @@
+openssl (1.1.1f-1ubuntu2.4) focal; urgency=medium
+
+ * Allow x509 certificates which set basicConstraints=CA:FALSE,pathlen:0
+ to validate, as it is common on self-signed leaf certificates.
+ (LP: #1926254)
+ - d/p/lp-1926254-1-Allow-certificates-with-Basic-Constraints-CA-fa.patch
+ - d/p/lp-1926254-2-Set-X509_V_ERR_INVALID_EXTENSION-error-for-inva.patch
+ - d/p/lp-1926254-3-Add-test-cases-for-the-non-CA-certificate-with-.patch
+
+ -- Matthew Ruffell Wed, 28 Apr 2021 12:37:28 +1200
+
 openssl (1.1.1f-1ubuntu2.3) focal-security; urgency=medium
 
 * SECURITY UPDATE: NULL pointer deref in signature_algorithms processing
diff -Nru openssl-1.1.1f/debian/patches/lp-1926254-1-Allow-certificates-with-Basic-Constraints-CA-fa.patch openssl-1.1.1f/debian/patches/lp-1926254-1-Allow-certificates-with-Basic-Constraints-CA-fa.patch
--- openssl-1.1.1f/debian/patches/lp-1926254-1-Allow-certificates-with-Basic-Constraints-CA-fa.patch 1970-01-01 12:00:00.000000000 +1200
+++ openssl-1.1.1f/debian/patches/lp-1926254-1-Allow-certificates-with-Basic-Constraints-CA-fa.patch 2021-04-28 12:36:28.000000000 +1200
@@ -0,0 +1,58 @@
+From 00a0da2f021e6a0bc9519a6a9e5be66d45e6fc91 Mon Sep 17 00:00:00 2001
+From: Tomas Mraz
+Date: Thu, 2 Apr 2020 15:56:12 +0200
+Subject: Allow certificates with Basic Constraints CA:false,
+ pathlen:0
+
+Do not mark such certificates with EXFLAG_INVALID although they
+violate the RFC 5280, they are syntactically correct and
+openssl itself can produce such certificates without any errors
+with command such as:
+
+openssl x509 -req -signkey private.pem -in csr.pem -out cert.pem \
+ -extfile <(echo "basicConstraints=CA:FALSE,pathlen:0")
+
+With the commit ba4356ae4002a04e28642da60c551877eea804f7 the
+EXFLAG_INVALID causes openssl to not consider such certificate
+even as leaf self-signed certificate which is breaking existing
+installations.
+
+Fixes: #11456
+
+Reviewed-by: Bernd Edlinger
+Reviewed-by: Viktor Dukhovni
+(Merged from https://github.com/openssl/openssl/pull/11463)
+
+(cherry picked from commit 428cf5ff83a48d0b51c97476586b2cbd053b6302)
+
+Origin: backport, https://github.com/openssl/openssl/commit/00a0da2f021e6a0bc9519a6a9e5be66d45e6fc91
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1926254
+Last-Update: 2021-04-28
+---
+ crypto/x509v3/v3_purp.c | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+Index: openssl-1.1.1f/crypto/x509v3/v3_purp.c
+===================================================================
+--- openssl-1.1.1f.orig/crypto/x509v3/v3_purp.c 2021-04-28 12:36:23.171813845 +1200
++++ openssl-1.1.1f/crypto/x509v3/v3_purp.c 2021-04-28 12:36:23.171813845 +1200
+@@ -384,12 +384,16 @@
+ if (bs->ca)
+ x->ex_flags |= EXFLAG_CA;
+ if (bs->pathlen) {
+- if ((bs->pathlen->type == V_ASN1_NEG_INTEGER)
+- || !bs->ca) {
++ if (bs->pathlen->type == V_ASN1_NEG_INTEGER) {
+ x->ex_flags |= EXFLAG_INVALID;
+ x->ex_pathlen = 0;
+- } else
++ } else {
+ x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen);
++ if (!bs->ca && x->ex_pathlen != 0) {
++ x->ex_flags |= EXFLAG_INVALID;
++ x->ex_pathlen = 0;
++ }
++ }
+ } else
+ x->ex_pathlen = -1;
+ BASIC_CONSTRAINTS_free(bs);
diff -Nru openssl-1.1.1f/debian/patches/lp-1926254-2-Set-X509_V_ERR_INVALID_EXTENSION-error-for-inva.patch openssl-1.1.1f/debian/patches/lp-1926254-2-Set-X509_V_ERR_INVALID_EXTENSION-error-for-inva.patch
--- openssl-1.1.1f/debian/patches/lp-1926254-2-Set-X509_V_ERR_INVALID_EXTENSION-error-for-inva.patch 1970-01-01 12:00:00.000000000 +1200
+++ openssl-1.1.1f/debian/patches/lp-1926254-2-Set-X509_V_ERR_INVALID_EXTENSION-error-for-inva.patch 2021-04-28 12:36:50.000000000 +1200
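Review bot: The new `} else {` branch in v3_purp.c exempts exactly one RFC 5280 violation — CA:FALSE with pathlen:0 — while still flagging any other non-CA pathlen, and nothing at the site records why that value is tolerated or that `x->ex_pathlen` is deliberately left at 0 rather than reset to -1; the strict-mode check in lp-1926254-2 keys on `x->ex_pathlen != -1` to find this case later, so the retained value is load-bearing. Add a comment before `if (!bs->ca && x->ex_pathlen != 0)` such as `/* RFC 5280 forbids pathlen on a non-CA, but CA:FALSE,pathlen:0 is common (openssl itself emits it), so only a nonzero value is invalid; ex_pathlen stays 0 so X509_V_FLAG_X509_STRICT can still reject it */`. Separately and predating this change, the context line `x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen);` appears to store -1 when the encoded value does not fit in a long, which the non-CA branch catches via `!= 0` but which a CA certificate would carry downstream as the "no constraint" sentinel — worth confirming. The enclosing function starts and ends outside the hunk.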
@@ -0,0 +1,40 @@
+From 29e94f285f7f05b1aec6fa275e320bc5fa37ab1e Mon Sep 17 00:00:00 2001
+From: Tomas Mraz
+Date: Thu, 2 Apr 2020 17:31:21 +0200
+Subject: Set X509_V_ERR_INVALID_EXTENSION error for invalid basic
+ constraints
+
+If we encounter certificate with basic constraints CA:false,
+pathlen present and X509_V_FLAG_X509_STRICT is set we set
+X509_V_ERR_INVALID_EXTENSION error.
+
+Reviewed-by: Bernd Edlinger
+Reviewed-by: Viktor Dukhovni
+(Merged from https://github.com/openssl/openssl/pull/11463)
+
+(cherry picked from commit fa86e2ee3533bb7fa9f3c62c38920cf960e9fec0)
+
+Origin: backport, https://github.com/openssl/openssl/commit/29e94f285f7f05b1aec6fa275e320bc5fa37ab1e
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1926254
+Last-Update: 2021-04-28
+---
+ crypto/x509/x509_vfy.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+Index: openssl-1.1.1f/crypto/x509/x509_vfy.c
+===================================================================
+--- openssl-1.1.1f.orig/crypto/x509/x509_vfy.c 2021-04-28 12:36:45.188161055 +1200
++++ openssl-1.1.1f/crypto/x509/x509_vfy.c 2021-04-28 12:36:45.184160991 +1200
+@@ -508,6 +508,12 @@
+ ret = 1;
+ break;
+ }
++ if ((x->ex_flags & EXFLAG_CA) == 0
++ && x->ex_pathlen != -1
++ && (ctx->param->flags & X509_V_FLAG_X509_STRICT)) {
++ ctx->error = X509_V_ERR_INVALID_EXTENSION;
++ ret = 0;
++ }
+ if (ret == 0 && !verify_cb_cert(ctx, x, i, X509_V_OK))
+ return 0;
+ /* check_purpose() makes the callback as needed */
diff -Nru openssl-1.1.1f/debian/patches/lp-1926254-3-Add-test-cases-for-the-non-CA-certificate-with-.patch openssl-1.1.1f/debian/patches/lp-1926254-3-Add-test-cases-for-the-non-CA-certificate-with-.patch
--- openssl-1.1.1f/debian/patches/lp-1926254-3-Add-test-cases-for-the-non-CA-certificate-with-.patch 1970-01-01 12:00:00.000000000 +1200
+++ openssl-1.1.1f/debian/patches/lp-1926254-3-Add-test-cases-for-the-non-CA-certificate-with-.patch 2021-04-28 12:37:09.000000000 +1200
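Review bot: The added strict-mode block in x509_vfy.c overwrites `ctx->error` and `ret` unconditionally, so when the switch ending just above it (outside the hunk) has already set `ret = 0` with a more specific code — presumably X509_V_ERR_INVALID_CA for a non-CA certificate sitting in an issuer slot — the `verify_cb_cert` call on the following line reports X509_V_ERR_INVALID_EXTENSION instead, masking the primary reason the chain was rejected. Guard the new check so it only fires for a certificate that passed the CA/non-CA test: `if (ret == 1 && (x->ex_flags & EXFLAG_CA) == 0`. A short comment on the block, e.g. `/* RFC 5280: pathLenConstraint is only meaningful with cA=TRUE; v3_purp.c tolerates pathlen:0 on a leaf by default, reject it here under X509_V_FLAG_X509_STRICT */`, would also tie it to the companion patch that leaves `ex_pathlen` at 0. The enclosing function starts and ends outside the hunk.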
@@ -0,0 +1,91 @@
+From e78f2a8f269a4dcf820ca994e2b89b77972d79e1 Mon Sep 17 00:00:00 2001
+From: Tomas Mraz
+Date: Fri, 3 Apr 2020 10:24:40 +0200
+Subject: Add test cases for the non CA certificate with pathlen:0
+
+Accept verification without -x509_strict and reject it with it.
+
+Reviewed-by: Bernd Edlinger
+Reviewed-by: Viktor Dukhovni
+(Merged from https://github.com/openssl/openssl/pull/11463)
+
+(cherry picked from commit 3cb55fe47c3398b81956e4fe20c4004524d47519)
+
+Origin: backport, https://github.com/openssl/openssl/commit/e78f2a8f269a4dcf820ca994e2b89b77972d79e1
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1926254
+Last-Update: 2021-04-28
+---
+ test/certs/ee-pathlen.pem | 17 +++++++++++++++++
+ test/certs/setup.sh | 4 +++-
+ test/recipes/25-test_verify.t | 6 +++++-
+ 3 files changed, 25 insertions(+), 2 deletions(-)
+ create mode 100644 test/certs/ee-pathlen.pem
+
+Index: openssl-1.1.1f/test/certs/ee-pathlen.pem
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ openssl-1.1.1f/test/certs/ee-pathlen.pem 2021-04-28 12:37:03.184441911 +1200
+@@ -0,0 +1,17 @@
++-----BEGIN CERTIFICATE-----
++MIICszCCAZugAwIBAgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAg
++Fw0yMDA0MDMwODA0MTVaGA8yMTIwMDQwNDA4MDQxNVowGTEXMBUGA1UEAwwOc2Vy
++dmVyLmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo/4lY
++YYWu3tssD9Vz++K3qBt6dWAr1H08c3a1rt6TL38kkG3JHPSKOM2fooAWVsu0LLuT
++5Rcf/w3GQ/4xNPgo2HXpo7uIgu+jcuJTYgVFTeAxl++qnRDSWA2eBp4yuxsIVl1l
++Dz9mjsI2oBH/wFk1/Ukc3RxCMwZ4rgQ4I+XndWfTlK1aqUAfrFkQ9QzBZK1KxMY1
++U7OWaoIbFYvRmavknm+UqtKW5Vf7jJFkijwkFsbSGb6CYBM7YrDtPh2zyvlr3zG5
++ep5LR2inKcc/SuIiJ7TvkGPX79ByST5brbkb1Ctvhmjd1XMSuEPJ3EEPoqNGT4tn
++iIQPYf55NB9KiR+3AgMBAAGjEDAOMAwGA1UdEwQFMAMCAQAwDQYJKoZIhvcNAQEL
++BQADggEBAApOUnWWd09I0ts3xa1oK7eakc+fKTF4d7pbGznFNONaCR3KFRgnBVlG
++Bm8/oehrrQ28Ad3XPSug34DQQ5kM6JIuaddx50/n4Xkgj8/fgXVA0HXizOJ3QpKC
++IojLVajXlQHhpo72VUQuNOha0UxG9daYjS20iXRhanTm9rUz7qQZEugVQCiR0z/f
++9NgM7FU9UaSidzH3gZu/Ufc4Ggn6nZV7LM9sf4IUV+KszS1VpcK+9phAmsB6BaAi
++cFXvVXZjTNualQgPyPwOD8c+vVCIfIemfF5TZ6fyqpOjprWQAphwrTtfNDSmqRTz
++FRhDf+vJERQclgUtg37EgWGKtnNQeRY=
++-----END CERTIFICATE-----
+Index: openssl-1.1.1f/test/certs/setup.sh
+===================================================================
+--- openssl-1.1.1f.orig/test/certs/setup.sh 2021-04-28 12:37:03.188441974 +1200
++++ openssl-1.1.1f/test/certs/setup.sh 2021-04-28 12:37:03.184441911 +1200
+@@ -154,7 +154,7 @@
+ -addtrust anyExtendedKeyUsage -out sca+anyEKU.pem
+
+ # Primary leaf cert: ee-cert
+-# ee variants: expired, issuer-key2, issuer-name2
++# ee variants: expired, issuer-key2, issuer-name2, bad-pathlen
+ # trust variants: +serverAuth, -serverAuth, +clientAuth, -clientAuth
+ # purpose variants: client
+ #
+@@ -163,6 +163,8 @@
+ ./mkcert.sh genee server.example ee-key ee-cert2 ca-key2 ca-cert2
+ ./mkcert.sh genee server.example ee-key ee-name2 ca-key ca-name2
+ ./mkcert.sh genee -p clientAuth server.example ee-key ee-client ca-key ca-cert
++./mkcert.sh genee server.example ee-key ee-pathlen ca-key ca-cert \
++ -extfile <(echo "basicConstraints=CA:FALSE,pathlen:0")
+ #
+ openssl x509 -in ee-cert.pem -trustout \
+ -addtrust serverAuth -out ee+serverAuth.pem
+Index: openssl-1.1.1f/test/recipes/25-test_verify.t
+===================================================================
+--- openssl-1.1.1f.orig/test/recipes/25-test_verify.t 2021-04-28 12:37:03.188441974 +1200
++++ openssl-1.1.1f/test/recipes/25-test_verify.t 2021-04-28 12:37:03.184441911 +1200
+@@ -27,7 +27,7 @@
+ run(app([@args]));
+ }
+
+-plan tests => 135;
++plan tests => 137;
+
+ # Canonical success
+ ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
+@@ -222,6 +222,10 @@
+ "accept direct match with client trust");
+ ok(!verify("ee-client", "sslclient", [qw(ee-clientAuth)], [], "-partial_chain"),
+ "reject direct match with client mistrust");
++ok(verify("ee-pathlen", "sslserver", [qw(root-cert)], [qw(ca-cert)]),
++ "accept non-ca with pathlen:0 by default");
++ok(!verify("ee-pathlen", "sslserver", [qw(root-cert)], [qw(ca-cert)], "-x509_strict"),
++ "reject non-ca with pathlen:0 with strict flag");
+
+ # Proxy certificates
+ ok(!verify("pc1-cert", "sslclient", [qw(root-cert)], [qw(ee-client ca-cert)]),
diff -Nru openssl-1.1.1f/debian/patches/series openssl-1.1.1f/debian/patches/series
--- openssl-1.1.1f/debian/patches/series 2021-03-23 00:37:13.000000000 +1300
+++ openssl-1.1.1f/debian/patches/series 2021-04-28 12:36:59.000000000 +1200
@@ -51,3 +51,6 @@
 CVE-2021-3449-2.patch
 CVE-2021-3449-3.patch
 CVE-2021-3449-4.patch
+lp-1926254-1-Allow-certificates-with-Basic-Constraints-CA-fa.patch
+lp-1926254-2-Set-X509_V_ERR_INVALID_EXTENSION-error-for-inva.patch
+lp-1926254-3-Add-test-cases-for-the-non-CA-certificate-with-.patch