/usr/ports/UPDATING.  Please read that file before updating system packages
 and/or ports.
 
+20260609:
+	15.1-RC3-p1	EN-26:15.openssl
+			SA-26:25.thr
+			SA-26:26.ktls
+			SA-26:27.sound
+			SA-26:28.capsicum
+			SA-26:29.ip6_multicast
+			SA-26:30.linux
+			SA-26:31.arm64
+			SA-26:32.elf
+			SA-26:33.unbound
+			SA-26:34.vt
+			SA-26:35.openssl
+			SA-26:36.ldns
+
+	Update OpenSSL to 3.0.20 and 3.5.6. [EN-26:15.openssl]
+
+	Missing permission check in thr_kill2(2). [SA-26:25.thr]
+
+	Arbitrary file overwrite via the KTLS receive path. [SA-26:26.ktls]
+
+	Multiple vulnerabilities in the sound(4) mmap path. [SA-26:27.sound]
+
+	sigqueue(2) missing capability mode restriction. [SA-26:28.capsicum]
+
+	Use-after-free bug in the IPV6_MSFILTER socket option handler. [SA-26:29.ip6_multicast]
+
+	Flaw in Linuxulator execution of setugid binaries. [SA-26:30.linux]
+
+	Arm CPU errata may bypass page table permission changes. [SA-26:31.arm64]
+
+	ASLR bypass for setuid executables via procctl(2). [SA-26:32.elf]
+
+	Multiple vulnerabilities in unbound. [SA-26:33.unbound]
+
+	Integer overflow in vt(4) CONS_HISTORY ioctl. [SA-26:34.vt]
+
+	Multiple vulnerabilities in OpenSSL. [SA-26:35.openssl]
+
+	Insufficient response validation in the ldns stub resolver. [SA-26:36.ldns]
+
 20260512:
 	"bsdinstall script" will now do a pkgbase installation by default.  To
 	revert to the legacy distset installation, set "DISTRIBUTIONS" in
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 17d6f240b2ca..249ff1519aff 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -51,7 +51,7 @@
 
 TYPE="FreeBSD"
 REVISION="15.1"
-BRANCH="RC3"
+BRANCH="RC3-p1"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi