diff --git a/Add-const-qualifiers-to-OpenSSL-X509-pointers.patch b/Add-const-qualifiers-to-OpenSSL-X509-pointers.patch
new file mode 100644
index 0000000000000000000000000000000000000000..5c72bf79bb1e617b4f704789573e242d679b58da
--- /dev/null
+++ b/Add-const-qualifiers-to-OpenSSL-X509-pointers.patch
@@ -0,0 +1,47 @@
+From 82d28b1be73bbc00e73e59d0c59c51a1e76519a5 Mon Sep 17 00:00:00 2001
+From: Simo Sorce <simo@redhat.com>
+Date: Mon, 27 Apr 2026 17:49:56 -0400
+Subject: [PATCH] Add const qualifiers to OpenSSL X509 pointers
+
+Added const qualifiers to the X509_NAME and X509_NAME_ENTRY pointers when
+retrieving subject and issuer names from TLS certificates. This ensures const-
+correctness and maintains compatibility with newer OpenSSL versions, which
+return const pointers from these getter functions.
+
+Co-authored-by: Gemini <gemini@google.com>
+Signed-off-by: Simo Sorce <simo@redhat.com>
+---
+ src/lib/asiolink/openssl_tls.h | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/lib/asiolink/openssl_tls.h b/src/lib/asiolink/openssl_tls.h
+index 57c3323..52a969b 100644
+--- a/src/lib/asiolink/openssl_tls.h
++++ b/src/lib/asiolink/openssl_tls.h
+@@ -175,9 +175,9 @@ public:
+         if (!cert) {
+             return ("");
+         }
+-        ::X509_NAME *name = ::X509_get_subject_name(cert);
++        const ::X509_NAME *name = ::X509_get_subject_name(cert);
+         int loc = ::X509_NAME_get_index_by_NID(name, NID_commonName, -1);
+-        ::X509_NAME_ENTRY* ne = ::X509_NAME_get_entry(name, loc);
++        const ::X509_NAME_ENTRY* ne = ::X509_NAME_get_entry(name, loc);
+         if (!ne) {
+             ::X509_free(cert);
+             return ("");
+@@ -209,9 +209,9 @@ public:
+         if (!cert) {
+             return ("");
+         }
+-        ::X509_NAME *name = ::X509_get_issuer_name(cert);
++        const ::X509_NAME *name = ::X509_get_issuer_name(cert);
+         int loc = ::X509_NAME_get_index_by_NID(name, NID_commonName, -1);
+-        ::X509_NAME_ENTRY* ne = ::X509_NAME_get_entry(name, loc);
++        const ::X509_NAME_ENTRY* ne = ::X509_NAME_get_entry(name, loc);
+         if (!ne) {
+             ::X509_free(cert);
+             return ("");
+-- 
+2.53.0
+
diff --git a/kea-2.4.1.tar.gz.asc b/kea-2.4.1.tar.gz.asc
deleted file mode 100644
index 19ad42792294a0bb17d8568349456e80e8617f83..0000000000000000000000000000000000000000
--- a/kea-2.4.1.tar.gz.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEE2mo1COZypJ3Tgq/ZW49NkbiO2QkFAmVlt28ACgkQW49NkbiO
-2QmI3g/8DRsJRa85qqDuWNcfE5qv3Aj0BWZwqv2pM60vGBHCcXRbsfIEMOd7boww
-OvehccLJ5ybpBAFWEh6LyKfllX8xbnY8u4Hio8RiwyFgycKASLn9xYoQisq30wxW
-iNNS7Ep+mCrkjNXvVP7W3bvcwMPpRrkVaTGFva/4zeTv+8hKU62y3ltxKL6BZG+4
-2vCqBQ2g4jfecHzigQJx2fV1epJ2XyG6hjXtoMqziEZ7nvhyG7sZowhLK/QZXl2u
-ja4EdmRAZBXcsCXzBN7W42K5P2damH+mde4W0b71WlrHZQVouNvLDyMIsn3CTU7q
-84qfUNpz0i1hnofLRAMIoLUepXZiwcMdX6MCL7R8u0HIcNy4xj7giPIRndVUORCf
-r2be7vr8MFkOZ/em2t5vv8FaJkq/9AK4b7qISyOvYoRB0GKyWcdbex0l+yJAhc1K
-tFX6lyLOUIBToJ7xNE5W1xBCUoblVqZ2eLLUV844HPFNRzVb33+Pl+oL2h7MVpTs
-KY5frHIH1sV+SK/oxEcrfjXsTQwFImmzuTwJK5/ucZtnl97TEikq6lwI6QG/DbiL
-KhDJXouJP4yMAN7z59PXZKXMSH+iscqiNGlN+XXGm/fUwNt4Ennosj+ElRh7bk+H
-AwGTjUh6ZtoMgSCAPcn5yvfXB6Fn2ZpmLBiu6Vhl91kb1/qdxsw=
-=C/w0
------END PGP SIGNATURE-----
diff --git a/kea-ctrl-agent.service b/kea-ctrl-agent.service
index b5c860ca706e39b35f710a0d6628999a558b927f..9e655e69d0946a64ba586b4a4c84e9c8c6bf8075 100644
--- a/kea-ctrl-agent.service
+++ b/kea-ctrl-agent.service
@@ -6,8 +6,20 @@ After=network-online.target
 After=time-sync.target
 
 [Service]
+Type=notify
+User=kea
+ConfigurationDirectory=kea
+ConfigurationDirectoryMode=0750
+RuntimeDirectory=kea
+RuntimeDirectoryPreserve=yes
+RuntimeDirectoryMode=0750
+LogsDirectory=kea
+LogsDirectoryMode=0750
+StateDirectory=kea
+StateDirectoryMode=0750
 ExecStart=/usr/sbin/kea-ctrl-agent -c /etc/kea/kea-ctrl-agent.conf
-Environment=KEA_PIDFILE_DIR=/var/run/kea
+ExecReload=/usr/bin/kill -HUP $MAINPID
+Restart=on-failure
 
 [Install]
 WantedBy=multi-user.target
diff --git a/kea-dhcp-ddns.service b/kea-dhcp-ddns.service
index 5fdbe0bbf674247b4a16a14b7813a873261cd0be..a5804ab1dbd314e7e4599d093d6a91e00931cbca 100644
--- a/kea-dhcp-ddns.service
+++ b/kea-dhcp-ddns.service
@@ -6,8 +6,20 @@ After=network-online.target
 After=time-sync.target
 
 [Service]
+Type=notify
+User=kea
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+ConfigurationDirectory=kea
+ConfigurationDirectoryMode=0750
+RuntimeDirectory=kea
+RuntimeDirectoryPreserve=yes
+RuntimeDirectoryMode=0750
+LogsDirectory=kea
+LogsDirectoryMode=0750
+StateDirectory=kea
+StateDirectoryMode=0750
 ExecStart=/usr/sbin/kea-dhcp-ddns -c /etc/kea/kea-dhcp-ddns.conf
-Environment=KEA_PIDFILE_DIR=/var/run/kea
+ExecReload=/usr/bin/kill -HUP $MAINPID
 
 [Install]
 WantedBy=multi-user.target
diff --git a/kea-dhcp4.service b/kea-dhcp4.service
index 0a72768f3fb7c820dea84560f976c5c84610ad83..21e617f71698e9e69ed187d010c5983c5d92b6ef 100644
--- a/kea-dhcp4.service
+++ b/kea-dhcp4.service
@@ -6,8 +6,20 @@ After=network-online.target
 After=time-sync.target
 
 [Service]
+Type=notify
+User=kea
+AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW
+ConfigurationDirectory=kea
+ConfigurationDirectoryMode=0750
+RuntimeDirectory=kea
+RuntimeDirectoryPreserve=yes
+RuntimeDirectoryMode=0750
+LogsDirectory=kea
+LogsDirectoryMode=0750
+StateDirectory=kea
+StateDirectoryMode=0750
 ExecStart=/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf
-Environment=KEA_PIDFILE_DIR=/var/run/kea
+ExecReload=/usr/bin/kill -HUP $MAINPID
 
 [Install]
 WantedBy=multi-user.target
diff --git a/kea-dhcp6.service b/kea-dhcp6.service
index e1fc05a3414d948bdf080cc9569c7f91646d9420..c1b9e18e7b895f43e8e1e04efa2d3b85e32652ab 100644
--- a/kea-dhcp6.service
+++ b/kea-dhcp6.service
@@ -6,8 +6,20 @@ After=network-online.target
 After=time-sync.target
 
 [Service]
+Type=notify
+User=kea
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+ConfigurationDirectory=kea
+ConfigurationDirectoryMode=0750
+RuntimeDirectory=kea
+RuntimeDirectoryPreserve=yes
+RuntimeDirectoryMode=0750
+LogsDirectory=kea
+LogsDirectoryMode=0750
+StateDirectory=kea
+StateDirectoryMode=0750
 ExecStart=/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf
-Environment=KEA_PIDFILE_DIR=/var/run/kea
+ExecReload=/usr/bin/kill -HUP $MAINPID
 
 [Install]
 WantedBy=multi-user.target
diff --git a/kea-openssl-version.patch b/kea-openssl-version.patch
deleted file mode 100644
index 246cd5631071405fae5bf5d03997fe00d6e742ed..0000000000000000000000000000000000000000
--- a/kea-openssl-version.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/m4macros/ax_crypto.m4 b/m4macros/ax_crypto.m4
-index e1b43f8..a3a2c84 100644
---- a/m4macros/ax_crypto.m4
-+++ b/m4macros/ax_crypto.m4
-@@ -258,7 +258,7 @@ then
- else
-    CRYPTO_NAME="OpenSSL"
-    DISABLED_CRYPTO="Botan"
--   CRYPTO_PACKAGE="openssl-1.1.0"
-+   CRYPTO_PACKAGE="openssl"
-    DISTCHECK_CRYPTO_CONFIGURE_FLAG="--with-openssl=${use_openssl}"
-    AC_DEFINE_UNQUOTED([WITH_OPENSSL], [], [Compile with OpenSSL crypto])
-    AC_MSG_CHECKING(for OpenSSL library)
diff --git a/kea-sysusers.conf b/kea-sysusers.conf
new file mode 100644
index 0000000000000000000000000000000000000000..bb7250b4bc84fca14c842b45125a0d6692d8af28
--- /dev/null
+++ b/kea-sysusers.conf
@@ -0,0 +1,2 @@
+g kea -
+u kea -:kea "Kea DHCP Server" /var/lib/kea
diff --git a/kea-tmpfiles.d.conf b/kea-tmpfiles.d.conf
index dcd2418b2e1d184f242bf375e4e918bf685d42b5..9011f0d46e03096d37d20849cfc60c97f80c4105 100644
--- a/kea-tmpfiles.d.conf
+++ b/kea-tmpfiles.d.conf
@@ -1,5 +1,5 @@
-# kea needs existing /run/kea/ to create logger_lockfile there
+# kea needs existing /run/kea/ to create logger_lockfile and pidfile there
 # See tmpfiles.d(5) for details
 
-d /run/kea 0755 root root -
-
+d /run/kea 0750 kea kea -
+d /var/lib/kea 0750 kea kea -
diff --git a/kea.spec b/kea.spec
index dc517ee5f79a0bc0f188ce03c4f9924ebe199d0e..80c58cf12be59f1347f27973c28b0ea674192b42 100644
--- a/kea.spec
+++ b/kea.spec
@@ -1,25 +1,25 @@
 %global sysrepo 0
 
-
 Name:           kea
-Version:        2.4.1
-Release:    2%{?dist}
+Version:        3.0.3
+Release:    1%{?dist}
 Summary:        DHCPv4, DHCPv6 and DDNS server from ISC
 
 License:        MPL-2.0 AND BSL-1.0
 URL:            http://kea.isc.org
-Source0:        https://downloads.isc.org/isc/kea/%{version}%{?prever:-%{prever}}/kea-%{version}%{?prever:-%{prever}}.tar.gz
-Source1:        https://downloads.isc.org/isc/kea/%{version}%{?prever:-%{prever}}/kea-%{version}%{?prever:-%{prever}}.tar.gz.asc
+Source0:        https://downloads.isc.org/isc/kea/%{version}/kea-%{version}.tar.xz
+Source1:        https://downloads.isc.org/isc/kea/%{version}/kea-%{version}.tar.xz.asc
 Source2:        isc-keyblock.asc
 Source3:        kea-dhcp4.service
 Source4:        kea-dhcp6.service
 Source5:        kea-dhcp-ddns.service
 Source6:        kea-ctrl-agent.service
 Source7:        kea-tmpfiles.d.conf
+Source8:        kea-sysusers.conf
 
-Patch1:         kea-openssl-version.patch
+# Fix build with OpenSSL 4.0 (const-qualifiers)
+Patch30001:     Add-const-qualifiers-to-OpenSSL-X509-pointers.patch
 
-BuildRequires: autoconf automake libtool
 BuildRequires: boost-devel
 BuildRequires: gcc-c++
 BuildRequires: openssl-devel
@@ -42,6 +42,9 @@ BuildRequires: python3-sphinx
 BuildRequires: python3-sphinx_rtd_theme
 BuildRequires: make
 BuildRequires: gnupg2
+BuildRequires: meson
+BuildRequires: systemd-devel
+BuildRequires: systemd-rpm-macros
 
 Requires: %{name}-libs = %{version}-%{release}
 Requires(post): systemd
@@ -96,66 +99,71 @@ This package contains shared libraries used by Kea DHCP server.
 
 %prep
 %{gpgverify} --keyring='%{S:2}' --signature='%{S:1}' --data='%{S:0}'
-%autosetup -p1 -n kea-%{version}%{?prever:-%{prever}}
-rm -rf doc/sphinx/_build
-
-sed -i -e 's|ECHO|YYECHO|g' src/lib/eval/lexer.cc
-
+%autosetup -p1 -n kea-%{version}
 
 %build
-autoreconf --verbose --force --install
-
-%configure \
-    --disable-dependency-tracking \
-    --disable-rpath \
-    --disable-silent-rules \
-    --disable-static \
-    --enable-debug \
-    --enable-generate-parser \
-    --enable-shell \
-    --enable-generate-docs \
-    --enable-generate-messages \
-    --enable-perfdhcp \
-    --with-mysql \
-    --with-pgsql \
-    --with-gnu-ld \
-    --with-log4cplus \
+export KEA_PKG_TYPE_IN_CONFIGURE="rpm"
+
+%meson \
+    --install-umask 0022 \
 %if %{sysrepo}
-    --with-sysrepo \
+    -D netconf=enabled \
+%else
+    -D netconf=disabled \
 %endif
-    --with-openssl
+    -D crypto=openssl \
+    -D mysql=enabled \
+    -D postgresql=enabled
 
-%make_build
+%meson_build
+%meson_build doc
 
 
 %install
-%make_install docdir=%{_pkgdocdir}
-
-find %{buildroot} -type f -name "*.la" -delete -print
+%meson_install
 
 %if !%{sysrepo}
 rm %{buildroot}%{_mandir}/man8/kea-netconf.8
 %endif
 
+# Remove keactrl
+rm -f %{buildroot}%{_sysconfdir}/kea/keactrl.conf
+rm -f %{buildroot}%{_sbindir}/keactrl
+rm -f %{buildroot}%{_mandir}/man8/keactrl.8*
+
+# Create empty password file for the Kea Control Agent
+install -m 0640 /dev/null %{buildroot}%{_sysconfdir}/kea/kea-api-password
+
+# Install systemd units
 install -Dpm 0644 %{S:3} %{buildroot}%{_unitdir}/kea-dhcp4.service
 install -Dpm 0644 %{S:4} %{buildroot}%{_unitdir}/kea-dhcp6.service
 install -Dpm 0644 %{S:5} %{buildroot}%{_unitdir}/kea-dhcp-ddns.service
 install -Dpm 0644 %{S:6} %{buildroot}%{_unitdir}/kea-ctrl-agent.service
 
+# Start empty lease databases
 mkdir -p %{buildroot}%{_sharedstatedir}/kea/
 touch %{buildroot}%{_sharedstatedir}/kea/kea-leases4.csv
 touch %{buildroot}%{_sharedstatedir}/kea/kea-leases6.csv
 
-rm -f %{buildroot}%{_pkgdocdir}/COPYING
-rm -f %{buildroot}%{_pkgdocdir}/html/.buildinfo
+# Install systemd sysusers and tmpfiles configs
+install -Dpm 0644 %{S:8} %{buildroot}%{_sysusersdir}/kea.conf
+install -Dpm 0644 %{S:7} %{buildroot}%{_tmpfilesdir}/kea.conf
 
-mkdir -p %{buildroot}/run
-install -dm 0755 %{buildroot}/run/kea/
+mkdir -p %{buildroot}%{_rundir}
+install -dm 0750 %{buildroot}%{_rundir}/kea/
 
-install -Dpm 0644 %{S:7} %{buildroot}%{_tmpfilesdir}/kea.conf
+mkdir -p %{buildroot}%{_localstatedir}/log
+install -dm 0750 %{buildroot}%{_localstatedir}/log/kea/
+
+rm -f %{buildroot}%{_pkgdocdir}/COPYING
 
 
 %post
+# Set a pseudo-random password for default config to secure fresh install and allow CA startup without user intervention
+if [[ ! -s %{_sysconfdir}/kea/kea-api-password && -n `grep '"password-file": "kea-api-password"' %{_sysconfdir}/kea/kea-ctrl-agent.conf` ]]; then
+    (umask 0027; head -c 32 /dev/urandom | base64 > %{_sysconfdir}/kea/kea-api-password)
+    chown root:kea %{_sysconfdir}/kea/kea-api-password
+fi
 %systemd_post kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service kea-ctrl-agent.service
 
 %preun
@@ -163,8 +171,7 @@ install -Dpm 0644 %{S:7} %{buildroot}%{_tmpfilesdir}/kea.conf
 
 %postun
 %systemd_postun_with_restart kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service kea-ctrl-agent.service
-
-
+%ldconfig_scriptlets libs
 
 
 %files
@@ -177,14 +184,16 @@ install -Dpm 0644 %{S:7} %{buildroot}%{_tmpfilesdir}/kea.conf
 %{_sbindir}/kea-dhcp6
 %{_sbindir}/kea-lfc
 %{_sbindir}/kea-shell
-%{_sbindir}/keactrl
 %{_sbindir}/perfdhcp
 %{_unitdir}/kea*.service
-%dir %{_sysconfdir}/kea/
-%config(noreplace) %{_sysconfdir}/kea/kea*.conf
+%dir %attr(0750,kea,kea) %{_sysconfdir}/kea/
+%config(noreplace) %attr(0640,root,kea) %{_sysconfdir}/kea/kea*.conf
+%ghost %config(noreplace,missingok) %attr(0640,root,kea) %verify(not md5 size mtime) %{_sysconfdir}/kea/kea-api-password
 %{_datarootdir}/kea
-%dir %{_sharedstatedir}/kea
-%config(noreplace) %{_sharedstatedir}/kea/kea-leases*.csv
+%dir %attr(0750,kea,kea) %{_sharedstatedir}/kea
+%config(noreplace) %attr(0640,kea,kea) %{_sharedstatedir}/kea/kea-leases*.csv
+%dir %attr(0750,kea,kea) %{_rundir}/kea/
+%dir %attr(0750,kea,kea) %{_localstatedir}/log/kea
 %{python3_sitelib}/kea
 %{_mandir}/man8/kea-admin.8*
 %{_mandir}/man8/kea-ctrl-agent.8*
@@ -196,10 +205,9 @@ install -Dpm 0644 %{S:7} %{buildroot}%{_tmpfilesdir}/kea.conf
 %{_mandir}/man8/kea-netconf.8*
 %endif
 %{_mandir}/man8/kea-shell.8*
-%{_mandir}/man8/keactrl.8*
 %{_mandir}/man8/perfdhcp.8*
-%dir /run/kea/
 %{_tmpfilesdir}/kea.conf
+%{_sysusersdir}/kea.conf
 
 %files doc
 %dir %{_pkgdocdir}
@@ -210,46 +218,57 @@ install -Dpm 0644 %{S:7} %{buildroot}%{_tmpfilesdir}/kea.conf
 %doc %{_pkgdocdir}/CONTRIBUTING.md
 %doc %{_pkgdocdir}/platforms.rst
 %doc %{_pkgdocdir}/code_of_conduct.md
+%doc %{_pkgdocdir}/SECURITY.md
 %doc %{_pkgdocdir}/html
 
 %files devel
 %{_includedir}/kea
 %{_libdir}/libkea-*.so
+%{_libdir}/pkgconfig/kea.pc
 
 %files hooks
+%dir %{_sysconfdir}/kea/radius
+%config(noreplace) %attr(0644,root,kea) %{_sysconfdir}/kea/radius/dictionary
 %dir %{_libdir}/kea
-%{_libdir}/kea/hooks
+%dir %{_libdir}/kea/hooks
+%{_libdir}/kea/hooks/*.so
 
 %files libs
 %license COPYING
-%{_libdir}/libkea-asiodns.so.35*
-%{_libdir}/libkea-asiolink.so.56*
-%{_libdir}/libkea-cc.so.54*
-%{_libdir}/libkea-cfgclient.so.51*
-%{_libdir}/libkea-cryptolink.so.38*
-%{_libdir}/libkea-d2srv.so.30*
-%{_libdir}/libkea-database.so.48*
-%{_libdir}/libkea-dhcp_ddns.so.41*
-%{_libdir}/libkea-dhcp++.so.74*
-%{_libdir}/libkea-dhcpsrv.so.90*
-%{_libdir}/libkea-dns++.so.42*
-%{_libdir}/libkea-eval.so.52*
-%{_libdir}/libkea-exceptions.so.23*
-%{_libdir}/libkea-hooks.so.78*
-%{_libdir}/libkea-http.so.56*
-%{_libdir}/libkea-log.so.48*
-%{_libdir}/libkea-mysql.so.53*
-%{_libdir}/libkea-pgsql.so.53*
-%{_libdir}/libkea-process.so.57*
-%{_libdir}/libkea-stats.so.29*
-%{_libdir}/libkea-tcp.so.5*
-%{_libdir}/libkea-util-io.so.0*
-%{_libdir}/libkea-util.so.68*
+%{_libdir}/libkea-asiodns.so.62*
+%{_libdir}/libkea-asiolink.so.88*
+%{_libdir}/libkea-cc.so.83*
+%{_libdir}/libkea-cfgrpt.so.3*
+%{_libdir}/libkea-config.so.84*
+%{_libdir}/libkea-cryptolink.so.64*
+%{_libdir}/libkea-d2srv.so.63*
+%{_libdir}/libkea-database.so.76*
+%{_libdir}/libkea-dhcp_ddns.so.68*
+%{_libdir}/libkea-dhcp.so.109*
+%{_libdir}/libkea-dhcpsrv.so.131*
+%{_libdir}/libkea-dns.so.71*
+%{_libdir}/libkea-eval.so.84*
+%{_libdir}/libkea-exceptions.so.45*
+%{_libdir}/libkea-hooks.so.121*
+%{_libdir}/libkea-http.so.87*
+%{_libdir}/libkea-log-interprocess.so.3*
+%{_libdir}/libkea-log.so.75*
+%{_libdir}/libkea-mysql.so.88*
+%{_libdir}/libkea-pgsql.so.88*
+%{_libdir}/libkea-process.so.91*
+%{_libdir}/libkea-stats.so.53*
+%{_libdir}/libkea-tcp.so.33*
+%{_libdir}/libkea-util-io.so.12*
+%{_libdir}/libkea-util.so.102*
 
 
 %changelog
+* Tue May 12 2026 PkgAgent Robot <pkgagent@opencloudos.tech> - 3.0.3-1
+- [Type] sync 
+- [DESC] update to Version 3.0.3
+
 * Tue Jun 10 2025 bbrucezhang <bbrucezhang@tencent.com> - 2.4.1-2
 - Rebuilt for loongarch64
 
 * Mon Jul 01 2024 OpenCloudOS Release Engineering <releng@opencloudos.tech> - 2.4.1-1
-- initial build
+- initial build
\ No newline at end of file
diff --git a/sources b/sources
index d3d3deb2a5c319f15f94f7f37f8e968f4a5a34fe..940aa297d755085267845174209021b07683108a 100644
--- a/sources
+++ b/sources
@@ -1 +1,2 @@
-SHA512 (kea-2.4.1.tar.gz) = b8a3b6f2cae213fd9826c37568c71d3458f52eed973dbe437a1d0974dafa026635a730d828c6ff03b32e030be57d75a7914a8ca313833e91d9996b6a05b2b224
+SHA512 (kea-3.0.3.tar.xz) = 38dff3a089b76d043c0bd1cc1bbf480b71b627d101954eb2d8200bce507dcd43e8a1cbdb5b55b7f425424a156ec56e36af52b6c591ecf6c80c29b58875b5b585
+SHA512 (kea-3.0.3.tar.xz.asc) = 8ca4af7417915cddf0b1746c5de1717e939baae19dc9a8a87196ac624ede379681881e5a863859b93e7fae778f7d767183d29519c8ad070d387d739d52b00f45