diff -Nru openvswitch-2.17.2/debian/changelog openvswitch-2.17.2/debian/changelog
--- openvswitch-2.17.2/debian/changelog	2022-07-20 12:35:11.000000000 +0000
+++ openvswitch-2.17.2/debian/changelog	2022-09-28 10:59:10.000000000 +0000
@@ -1,3 +1,10 @@
+openvswitch (2.17.2-0ubuntu0.22.04.2) jammy; urgency=medium
+
+  * d/p/python-Do-not-send-non-zero-flag-for-a-SSL-socket.patch:
+    Do not send non-zero flag for a SSL socket. (LP: #1985062)
+
+ -- Edward Hope-Morley <edward.hope-morley@canonical.com>  Wed, 28 Sep 2022 11:59:10 +0100
+
 openvswitch (2.17.2-0ubuntu0.22.04.1) jammy; urgency=medium
 
   * New upstream point release (LP: #1980211).
diff -Nru openvswitch-2.17.2/debian/patches/python-Do-not-send-non-zero-flag-for-a-SSL-socket.patch openvswitch-2.17.2/debian/patches/python-Do-not-send-non-zero-flag-for-a-SSL-socket.patch
--- openvswitch-2.17.2/debian/patches/python-Do-not-send-non-zero-flag-for-a-SSL-socket.patch	1970-01-01 00:00:00.000000000 +0000
+++ openvswitch-2.17.2/debian/patches/python-Do-not-send-non-zero-flag-for-a-SSL-socket.patch	2022-09-28 10:59:10.000000000 +0000
@@ -0,0 +1,54 @@
+From 1731ed43c6dca385ed1f6a7fb25148f0a34fd3b9 Mon Sep 17 00:00:00 2001
+From: Miro Tomaska <mtomaska@redhat.com>
+Date: Mon, 8 Aug 2022 12:32:42 -0500
+Subject: [PATCH] python: Do not send non-zero flag for a SSL socket.
+
+pyOpenSSL was recently switched for the Python standard library ssl
+module in the cited commit.  Python SSLsocket.send() does not allow
+non-zero optional flag and it will explicitly raise an exception for
+that.  pyOpenSSL did nothing with this flag but kept it to be
+compatible with socket API:
+  https://github.com/pyca/pyopenssl/blob/main/src/OpenSSL/SSL.py#L1844
+
+Fixes: 68543dd523bd ("python: Replace pyOpenSSL with ssl.")
+Reported-at: https://bugzilla.redhat.com/2115035
+Acked-By: Timothy Redaelli <tredaelli@redhat.com>
+Signed-off-by: Miro Tomaska <mtomaska@redhat.com>
+Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
+---
+ python/ovs/socket_util.py | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/python/ovs/socket_util.py b/python/ovs/socket_util.py
+index 651012bf0..7b41dc44b 100644
+--- a/python/ovs/socket_util.py
++++ b/python/ovs/socket_util.py
+@@ -23,6 +23,11 @@ import ovs.fatal_signal
+ import ovs.poller
+ import ovs.vlog
+ 
++try:
++    import ssl
++except ImportError:
++    ssl = None
++
+ if sys.platform == 'win32':
+     import ovs.winutils as winutils
+     import win32file
+@@ -178,7 +183,12 @@ def check_connection_completion(sock):
+         if revents & ovs.poller.POLLERR or revents & ovs.poller.POLLHUP:
+             try:
+                 # The following should raise an exception.
+-                sock.send("\0".encode(), socket.MSG_DONTWAIT)
++                if ssl and isinstance(sock, ssl.SSLSocket):
++                    # SSL wrapped socket does not allow
++                    # non-zero optional flag.
++                    sock.send("\0".encode())
++                else:
++                    sock.send("\0".encode(), socket.MSG_DONTWAIT)
+ 
+                 # (Here's where we end up if it didn't.)
+                 # XXX rate-limit
+-- 
+2.34.1
+
diff -Nru openvswitch-2.17.2/debian/patches/series openvswitch-2.17.2/debian/patches/series
--- openvswitch-2.17.2/debian/patches/series	2022-07-20 12:35:11.000000000 +0000
+++ openvswitch-2.17.2/debian/patches/series	2022-09-28 10:59:10.000000000 +0000
@@ -1,2 +1,3 @@
 ovs-ctl-ipsec.patch
 0001-ovsdb-idl-Support-write-only-changed-IDL-monitor-mod.patch
+python-Do-not-send-non-zero-flag-for-a-SSL-socket.patch