diff --git a/community/tpm2-tss-engine/APKBUILD b/community/tpm2-tss-engine/APKBUILD
index 0fa2d2ede69..f2b024c914c 100644
--- a/community/tpm2-tss-engine/APKBUILD
+++ b/community/tpm2-tss-engine/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Alexander Sack <asac@pantacor.com>
 pkgname=tpm2-tss-engine
 pkgver=1.2.0
-pkgrel=2
+pkgrel=3
 pkgdesc="tpm2tss engine for openssl"
 url="https://github.com/tpm2-software/tpm2-tss-engine/"
 arch="all"
@@ -13,7 +13,8 @@ subpackages="
 	$pkgname-doc
 	$pkgname-bash-completion
 	"
-source="https://github.com/tpm2-software/tpm2-tss-engine/releases/download/$pkgver/tpm2-tss-engine-$pkgver.tar.gz"
+source="https://github.com/tpm2-software/tpm2-tss-engine/releases/download/$pkgver/tpm2-tss-engine-$pkgver.tar.gz
+	Fix-mismatch-of-OpenSSL-function-signatures-that-cau.patch"
 options="!check" # no tests
 
 prepare() {
@@ -37,4 +38,5 @@ package() {
 
 sha512sums="
 cd0f1c3b5251ab2f21159099cdb9c0b1cc68d7ad334d4c5245bba9c07274ecea7c86a531afc9ce6250635a9d0929a5147f461cc3760b15cd6ad099342af87ad0  tpm2-tss-engine-1.2.0.tar.gz
+8022bba8a6c26f12f9126c8b2a2d8686ff81724bd13aece7b0d069d4af4842b70ff02e3e394ea9b46f934979938a4b77502b615f138f05360b4e21c8168d03bc  Fix-mismatch-of-OpenSSL-function-signatures-that-cau.patch
 "
diff --git a/community/tpm2-tss-engine/Fix-mismatch-of-OpenSSL-function-signatures-that-cau.patch b/community/tpm2-tss-engine/Fix-mismatch-of-OpenSSL-function-signatures-that-cau.patch
new file mode 100644
index 00000000000..e7a32788f96
--- /dev/null
+++ b/community/tpm2-tss-engine/Fix-mismatch-of-OpenSSL-function-signatures-that-cau.patch
@@ -0,0 +1,74 @@
+From 766505bf5c943c614fd246d27d1e5cd66543250b Mon Sep 17 00:00:00 2001
+From: Matthias Gerstner <matthias.gerstner@suse.de>
+Date: Mon, 6 May 2024 16:07:54 +0200
+Subject: [PATCH] Fix mismatch of OpenSSL function signatures that cause errors
+ with gcc-14
+
+Building with gcc-14 fails with diagnostics like this:
+
+```
+src/tpm2-tss-engine-rsa.c:805:46: error: passing argument 2 of 'EVP_PKEY_meth_set_copy' from incompatible pointer type [-Wincompatible-pointer-types]
+  805 |     EVP_PKEY_meth_set_copy(pkey_rsa_methods, rsa_pkey_copy);
+      |                                              ^~~~~~~~~~~~~
+      |                                              |
+      |                                              int (*)(EVP_PKEY_CTX *, EVP_PKEY_CTX *) {aka int (*)(struct evp_pkey_ctx_st *, struct evp_pkey_ctx_st *)}
+/usr/include/openssl/evp.h:2005:36: note: expected 'int (*)(EVP_PKEY_CTX *, const EVP_PKEY_CTX *)' {aka 'int (*)(struct evp_pkey_ctx_st *, const struct evp_pkey_ctx_st *)'} but argument is of type 'int (*)(EVP_PKEY_CTX *, EVP_PKEY_CTX *)' {aka 'int (*)(struct evp_pkey_ctx_st *, struct evp_pkey_ctx_st *)'}
+```
+
+A look into OpenSSL upstream shows that these functions have always had const
+`src` parameters. Thus this error was simply not detected by earlier compiler
+versions.
+
+Signed-off-by: Matthias Gerstner <matthias.gerstner@suse.de>
+---
+ src/tpm2-tss-engine-ecc.c | 4 ++--
+ src/tpm2-tss-engine-rsa.c | 4 ++--
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/tpm2-tss-engine-ecc.c b/src/tpm2-tss-engine-ecc.c
+index 9e72c85..f6b9c5a 100644
+--- a/src/tpm2-tss-engine-ecc.c
++++ b/src/tpm2-tss-engine-ecc.c
+@@ -52,7 +52,7 @@ EC_KEY_METHOD *ecc_methods = NULL;
+ #endif /* OPENSSL_VERSION_NUMBER < 0x10100000 */
+ 
+ #ifdef HAVE_OPENSSL_DIGEST_SIGN
+-static int (*ecdsa_pkey_orig_copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
++static int (*ecdsa_pkey_orig_copy)(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src);
+ static void (*ecdsa_pkey_orig_cleanup)(EVP_PKEY_CTX *ctx);
+ #endif /* HAVE_OPENSSL_DIGEST_SIGN */
+ 
+@@ -405,7 +405,7 @@ ecdsa_ec_key_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
+ 
+ #ifdef HAVE_OPENSSL_DIGEST_SIGN
+ static int
+-ecdsa_pkey_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
++ecdsa_pkey_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)
+ {
+     if (ecdsa_pkey_orig_copy && !ecdsa_pkey_orig_copy(dst, src))
+         return 0;
+diff --git a/src/tpm2-tss-engine-rsa.c b/src/tpm2-tss-engine-rsa.c
+index 41de34e..e7260c2 100644
+--- a/src/tpm2-tss-engine-rsa.c
++++ b/src/tpm2-tss-engine-rsa.c
+@@ -49,7 +49,7 @@ RSA_METHOD *rsa_methods = NULL;
+ #endif /* OPENSSL_VERSION_NUMBER < 0x10100000 */
+ 
+ #ifdef HAVE_OPENSSL_DIGEST_SIGN
+-static int (*rsa_pkey_orig_copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
++static int (*rsa_pkey_orig_copy)(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src);
+ static void (*rsa_pkey_orig_cleanup)(EVP_PKEY_CTX *ctx);
+ #endif /* HAVE_OPENSSL_DIGEST_SIGN */
+ 
+@@ -637,7 +637,7 @@ RSA_METHOD rsa_methods = {
+ 
+ #ifdef HAVE_OPENSSL_DIGEST_SIGN
+ static int
+-rsa_pkey_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
++rsa_pkey_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)
+ {
+     if (rsa_pkey_orig_copy && !rsa_pkey_orig_copy(dst, src))
+         return 0;
+-- 
+2.46.0
+