diff --git a/libica-4.0.3.tar.gz b/libica-4.0.3.tar.gz
new file mode 100644
index 0000000..dcff85c
--- /dev/null
+++ b/libica-4.0.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fe44e8b31f0d0f09da3f86ef46d6089fea7d7c453f5d196b88cee6ab4621a385
+size 553081
diff --git a/libica-FIPS-make-it-possible-to-specify-fipshmac-binary.patch b/libica-FIPS-make-it-possible-to-specify-fipshmac-binary.patch
index 7dd262c..b1e8b0c 100644
--- a/libica-FIPS-make-it-possible-to-specify-fipshmac-binary.patch
+++ b/libica-FIPS-make-it-possible-to-specify-fipshmac-binary.patch
@@ -32,13 +32,15 @@ diff --git a/src/Makefile.am b/src/Makefile.am
 index 4a1ef14..2be01a5 100644
 --- a/src/Makefile.am
 +++ b/src/Makefile.am
-@@ -46,13 +46,13 @@ mp.S	: mp.pl
+@@ -47,6 +47,7 @@
  	./mp.pl mp.S
  
  if ICA_FIPS
 +FIPSHMAC ?= ${top_srcdir}/openssl-fipshmac
- hmac-file-lnk: hmac-file
- 	$(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac
+ fipsinstall:
+ 	$(AM_V_GEN) openssl dgst -sha256 -mac hmac -macopt hexkey:00000000 $(DESTDIR)$(libdir)/libica.so.$(VERSION1) | sed -e 's/^.* //' > $(DESTDIR)$(libdir)/.libica.so.$(VERSION1).hmac
+ 	$(AM_V_GEN) cd $(DESTDIR)$(libdir) && ln -sf .libica.so.$(VERSION1).hmac .libica.so.$(MAJOR).hmac
+@@ -58,8 +59,7 @@
  	$(AM_V_GEN) cd ${top_builddir}/src/.libs && ln -sf .libica-cex.so.$(VERSION1).hmac .libica-cex.so.$(MAJOR).hmac
  
  hmac-file: libica.la libica-cex.la
diff --git a/libica-rpmlintrc b/libica-rpmlintrc
index d02edc6..dd74098 100644
--- a/libica-rpmlintrc
+++ b/libica-rpmlintrc
@@ -3,3 +3,4 @@ addFilter("libica-devel-static.* shlib-policy-missing-lib")
 addFilter("libica-tools.* devel-file-in-non-devel-package .* /usr/lib64/libica.so")
 addFilter("libica-tools.* files-duplicate /usr/share/doc/packages/libica-tools/COPYING /usr/share/doc/packages/libica-tools/LICENSE")
 addFilter("libica*.* hidden-file-or-dir /usr/lib64/.libica.so.*.hmac")
+addFilter("libica*.* hidden-file-or-dir /usr/lib64/.libica-cex.so.*.hmac")
diff --git a/libica-sles15sp2-FIPS-hmac-key.patch b/libica-sles15sp5-FIPS-hmac-key.patch
similarity index 54%
rename from libica-sles15sp2-FIPS-hmac-key.patch
rename to libica-sles15sp5-FIPS-hmac-key.patch
index f533fa7..c473357 100644
--- a/libica-sles15sp2-FIPS-hmac-key.patch
+++ b/libica-sles15sp5-FIPS-hmac-key.patch
@@ -1,6 +1,8 @@
---- libica-3.6.0/src/fips.c	2020-05-04 17:01:23.238805001 -0400
-+++ libica-3.6.0/src/fips.c	2020-05-04 16:58:51.352241763 -0400
-@@ -45,8 +45,7 @@
+--- libica-4.3.0/src/fips.c	2020-05-04 17:01:23.238805001 -0400
++++ libica-4.3.0/src/fips.c	2020-05-04 16:58:51.352241763 -0400
+@@ -65,10 +65,9 @@
+  * integrity test. The recommended key size for HMAC-SHA256 is 64 bytes.
+  * The known HMAC is supposed to be provided as hex string in a file
   * .libica.so.VERSION.hmac in the same directory as the .so module.
 - */
 + /* HMAC key is hexidecimal for: "orboDeJITITejsirpADONivirpUkvarP" */
@@ -9,5 +11,5 @@
 -	"0000000000000000000000000000000000000000000000000000000000000000";
 +	"6f72626f44654a49544954656a7369727041444f4e6976697270556b76617250";
  
- int fips;
+ #endif /* ICA_INTERNAL_TEST */
  
diff --git a/libica.changes b/libica.changes
index 53400d3..ba1f7fa 100644
--- a/libica.changes
+++ b/libica.changes
@@ -1,3 +1,25 @@
+-------------------------------------------------------------------
+Mon Sep 12 19:09:59 UTC 2022 - Mark Post <mpost@suse.com>
+
+- Upgraded to version 4.0.3 (jsc#PED-581, jsc#PED-621, jsc#PED-629)
+  v4.0.3
+   - [PATCH] Reduce the number of open file descriptors
+   - [PATCH] Various bug fixes
+  v4.0.2
+   - [PATCH] Various bug fixes
+  v4.0.1
+   - [PATCH] Various bug fixes
+   - [PATCH] Compute HMAC from installed library
+  v4.0.0
+   - [UPDATE] NO_SW_FALLBACKS is now the default for libica.so
+     [UPDATE] Removed deprecated API functions including tests
+     [UPDATE] Introduced 'const' for some API function parameters
+     [FEATURE] icastats: new parm -k to display detailed counters
+- Updated the libica-rpmlintrc file to suppress warnings about the 
+  libica-cex hmac files being hidden.
+- Updated the spec file to properly both obsolete and provide two
+  older versions of the package.
+
 -------------------------------------------------------------------
 Tue Oct 19 21:20:22 UTC 2021 - Mark Post <mpost@suse.com>
 
diff --git a/libica.spec b/libica.spec
index c4444f5..dbb8187 100644
--- a/libica.spec
+++ b/libica.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package libica
 #
-# Copyright (c) 2018-2021 SUSE LLC
+# Copyright (c) 2018-2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -22,7 +22,7 @@
 %endif
 
 Name:           libica
-Version:        3.9.0
+Version:        4.0.3
 Release:        0
 Summary:        Library interface for the IBM Cryptographic Accelerator device driver
 License:        CPL-1.0
@@ -38,7 +38,7 @@ Source5:        z90crypt.service
 Source6:        baselibs.conf
 Source7:        %{name}-rpmlintrc
 Patch01:        libica-FIPS-make-it-possible-to-specify-fipshmac-binary.patch
-Patch99:        libica-sles15sp2-FIPS-hmac-key.patch
+Patch99:        libica-sles15sp5-FIPS-hmac-key.patch
 
 BuildRequires:  autoconf
 BuildRequires:  automake
@@ -68,10 +68,12 @@ modules to interface with the IBM eServer Cryptographic Accelerator
 Summary:        Utilities for the IBM Cryptographic Accelerator
 Group:          Hardware/Other
 Obsoletes:      libica < %{version}-%{release}
-Obsoletes:      libica-2_3_0
-Obsoletes:      libica2
+Obsoletes:      libica-2_3_0 < %{version}-%{release}
+Obsoletes:      libica2 < %{version}-%{release}
 Provides:       libica = %{version}-%{release}
+Provides:       libica-2_3_0 = %{version}-%{release}
 Provides:       libica-plugin = %{version}-%{release}
+Provides:       libica2 = %{version}-%{release}
 
 %description tools
 This package contains command-line utilities to inspect the IBM
@@ -127,6 +129,7 @@ autoreconf --force --install
 
 %install
 %make_install FIPSHMAC=fipshmac
+make fipsinstall FIPSHMAC=fipshmac DESTDIR=%{buildroot}
 mkdir -p %{buildroot}%{_includedir}
 cp -p include/ica_api.h %{buildroot}%{_includedir}
 mkdir -p %{buildroot}%{_sbindir}
@@ -177,7 +180,7 @@ rmdir %{buildroot}%{_datadir}/doc/libica
 %license LICENSE
 %doc README.SUSE
 %{_sbindir}/rcz90crypt
-%{_fillupdir}/sysconfig.z90crypt
+%attr(644,root,root) %{_fillupdir}/sysconfig.z90crypt
 %{_bindir}/icainfo
 %{_bindir}/icainfo-cex
 %{_bindir}/icastats