diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 212183e2c..6be72d76e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -154,7 +154,7 @@ jobs: - name: openssl version: vendored - name: openssl - version: 3.4.0-beta1 + version: 3.4.0 - name: openssl version: 3.3.0 - name: openssl @@ -216,7 +216,7 @@ jobs: name: libressl version: 4.0.0 name: ${{ matrix.target }}-${{ matrix.library.name }}-${{ matrix.library.version }}-${{ matrix.bindgen }} - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 env: OPENSSL_DIR: /opt/openssl CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_LINKER: arm-linux-gnueabihf-gcc @@ -248,7 +248,7 @@ jobs: - uses: actions/cache@v4 with: path: /opt/openssl - key: openssl-${{ matrix.target }}-${{ matrix.library.name }}-${{ matrix.library.version }}-6 + key: openssl-${{ matrix.target }}-${{ matrix.library.name }}-${{ matrix.library.version }}-7 if: matrix.library.version != 'vendored' id: openssl-cache - run: | diff --git a/openssl-sys/CHANGELOG.md b/openssl-sys/CHANGELOG.md index 641f0d4b7..03b76736e 100644 --- a/openssl-sys/CHANGELOG.md +++ b/openssl-sys/CHANGELOG.md @@ -2,6 +2,12 @@ ## [Unreleased] +## [v0.9.105] - 2025-02-02 + +### Added + +* Added `DTLS_server_method` and `DTLS_client_method`. + ## [v0.9.104] - 2024-10-15 ### Added diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml index f82dbd3f1..406c793a8 100644 --- a/openssl-sys/Cargo.toml +++ b/openssl-sys/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "openssl-sys" -version = "0.9.104" +version = "0.9.105" authors = [ "Alex Crichton ", "Steven Fackler ", diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs index cd03888e6..ca9970740 100644 --- a/openssl-sys/build/cfgs.rs +++ b/openssl-sys/build/cfgs.rs 
@@ -68,6 +68,9 @@ pub fn get(openssl_version: Option, libressl_version: Option) -> Vec<& if libressl_version >= 0x4_00_00_00_0 { cfgs.push("libressl400"); } + if libressl_version >= 0x4_01_00_00_0 { + cfgs.push("libressl410"); + } } else { let openssl_version = openssl_version.unwrap(); diff --git a/openssl-sys/build/main.rs b/openssl-sys/build/main.rs index f379e1e6b..e6a3db397 100644 --- a/openssl-sys/build/main.rs +++ b/openssl-sys/build/main.rs @@ -103,6 +103,7 @@ fn main() { println!("cargo:rustc-check-cfg=cfg(libressl382)"); println!("cargo:rustc-check-cfg=cfg(libressl390)"); println!("cargo:rustc-check-cfg=cfg(libressl400)"); + println!("cargo:rustc-check-cfg=cfg(libressl410)"); println!("cargo:rustc-check-cfg=cfg(ossl101)"); println!("cargo:rustc-check-cfg=cfg(ossl102)"); diff --git a/openssl-sys/src/handwritten/ec.rs b/openssl-sys/src/handwritten/ec.rs index f199bc891..19d93a55e 100644 --- a/openssl-sys/src/handwritten/ec.rs +++ b/openssl-sys/src/handwritten/ec.rs @@ -9,6 +9,7 @@ pub enum point_conversion_form_t { POINT_CONVERSION_HYBRID = 6, } +#[cfg(not(libressl410))] pub enum EC_METHOD {} pub enum EC_GROUP {} pub enum EC_POINT {} @@ -17,6 +18,7 @@ extern "C" { #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] pub fn EC_GF2m_simple_method() -> *const EC_METHOD; + #[cfg(not(libressl410))] pub fn EC_GROUP_new(meth: *const EC_METHOD) -> *mut EC_GROUP; pub fn EC_GROUP_free(group: *mut EC_GROUP); diff --git a/openssl-sys/src/handwritten/ssl.rs b/openssl-sys/src/handwritten/ssl.rs index b86a54cbe..163c75aed 100644 --- a/openssl-sys/src/handwritten/ssl.rs +++ b/openssl-sys/src/handwritten/ssl.rs @@ -701,6 +701,10 @@ cfg_if! { pub fn TLS_server_method() -> *const SSL_METHOD; pub fn TLS_client_method() -> *const SSL_METHOD; + + pub fn DTLS_server_method() -> *const SSL_METHOD; + + pub fn DTLS_client_method() -> *const SSL_METHOD; } } else { extern "C" { diff --git a/openssl/CHANGELOG.md b/openssl/CHANGELOG.md index bc314c2ed..e69b26570 100644 --- a/openssl/CHANGELOG.md 
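Review bot: `EC_GF2m_simple_method`, visible as context directly above the newly gated `EC_GROUP_new` in the second ec.rs hunk, still returns `*const EC_METHOD` and is guarded only by `#[cfg(not(osslconf = "OPENSSL_NO_EC2M"))]`. Once the first ec.rs hunk compiles `EC_METHOD` out under `libressl410`, that declaration builds only if LibreSSL 4.1 also reports `OPENSSL_NO_EC2M`, which is presumably the case but is not visible here. If the coupling is intended, state it in a comment next to the type; otherwise make the guard explicit with `#[cfg(all(not(osslconf = "OPENSSL_NO_EC2M"), not(libressl410)))]`. The extern block continues outside both hunks, so any other declaration that names `EC_METHOD` needs the same check.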
+++ b/openssl/CHANGELOG.md @@ -2,6 +2,16 @@ ## [Unreleased] +## [v0.10.70] - 2025-02-02 + +### Fixed + +* Fixed improper lifetime constraints in `ssl::select_next_proto` that allowed a use after free. + +### Added + +* Added `SslMethod::dtls_client` and `SslMethod::dtls_server`. + ## [v0.10.69] - 2025-01-25 ### Fixed diff --git a/openssl/Cargo.toml b/openssl/Cargo.toml index 43cef06d2..d3a3f45c1 100644 --- a/openssl/Cargo.toml +++ b/openssl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "openssl" -version = "0.10.69" +version = "0.10.70" authors = ["Steven Fackler "] license = "Apache-2.0" description = "OpenSSL bindings" @@ -31,7 +31,7 @@ libc = "0.2" once_cell = "1.5.2" openssl-macros = { version = "0.1.1", path = "../openssl-macros" } -ffi = { package = "openssl-sys", version = "0.9.104", path = "../openssl-sys" } +ffi = { package = "openssl-sys", version = "0.9.105", path = "../openssl-sys" } [dev-dependencies] hex = "0.4" diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index c341642a2..e15c48b6d 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -364,6 +364,20 @@ impl SslMethod { unsafe { SslMethod(TLS_server_method()) } } + /// Support all versions of the DTLS protocol, explicitly as a client. + #[corresponds(DTLS_client_method)] + #[cfg(any(boringssl, ossl110, libressl291))] + pub fn dtls_client() -> SslMethod { + unsafe { SslMethod(DTLS_client_method()) } + } + + /// Support all versions of the DTLS protocol, explicitly as a server. + #[corresponds(DTLS_server_method)] + #[cfg(any(boringssl, ossl110, libressl291))] + pub fn dtls_server() -> SslMethod { + unsafe { SslMethod(DTLS_server_method()) } + } + /// Constructs an `SslMethod` from a pointer to the underlying OpenSSL value. /// /// # Safety 
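Review bot: The doc comments on the new `dtls_client` and `dtls_server` say only that they support all versions of the DTLS protocol. That omits two things a caller needs: the methods exist only under `cfg(any(boringssl, ossl110, libressl291))`, and "all versions" may include DTLS 1.0, depending on the library's defaults. I would add `/// Requires BoringSSL, OpenSSL 1.1.0 or newer, or LibreSSL 2.9.1 or newer.` to each. I would also add a sentence pointing to `SslContextBuilder::set_min_proto_version` for callers who want to require DTLS 1.2 as the floor. The `impl SslMethod` block starts and ends outside the hunk.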
@@ -695,7 +709,7 @@ cfg_if! { /// /// [`SslContextBuilder::set_alpn_protos`]: struct.SslContextBuilder.html#method.set_alpn_protos #[corresponds(SSL_select_next_proto)] -pub fn select_next_proto<'a>(server: &[u8], client: &'a [u8]) -> Option<&'a [u8]> { +pub fn select_next_proto<'a>(server: &'a [u8], client: &'a [u8]) -> Option<&'a [u8]> { unsafe { let mut out = ptr::null_mut(); let mut outlen = 0; @@ -4288,7 +4302,7 @@ cfg_if! { } cfg_if! { if #[cfg(any(boringssl, ossl110, libressl291))] { - use ffi::{TLS_method, DTLS_method, TLS_client_method, TLS_server_method}; + use ffi::{TLS_method, DTLS_method, TLS_client_method, TLS_server_method, DTLS_server_method, DTLS_client_method}; } else { use ffi::{ SSLv23_method as TLS_method, DTLSv1_method as DTLS_method, SSLv23_client_method as TLS_client_method, pFad - Phonifier reborn
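Review bot: The new signature of `select_next_proto` ties the returned slice to both `server` and `client`, but neither the visible rustdoc nor the `unsafe` block records why. A later cleanup could therefore relax the `server` lifetime again and bring back the use after free named in the changelog. I would add `/// The returned slice may borrow from either input, so both must outlive it.` to the doc comment. I would also add a `// SAFETY:` comment above the FFI call saying that `out` can point into `server` or `client`; the body continues outside the hunk, so I could not confirm which buffer is returned in which case. A `compile_fail` doctest that drops the `server` buffer before reading the result would pin the constraint.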
