diff --git a/deps/lib-versions b/deps/lib-versions
index 1b2f9b79..77aabcfa 100644
--- a/deps/lib-versions
+++ b/deps/lib-versions
@@ -4,8 +4,8 @@ export ASIO_CSUM=cbcaaba0f66722787b1a7c33afe1befb3a012b5af3ad7da7ff0f6b8c9b7a8a5
 export LZ4_VERSION=lz4-1.8.3
 export LZ4_CSUM=33af5936ac06536805f9745e0b6d61da606a1f8b4cc5c04dd3cbaca3b9b4fc43
 
-export MBEDTLS_VERSION=mbedtls-2.28.2
-export MBEDTLS_CSUM=bc55232bf71fd66045122ba9050a29ea7cb2e8f99b064a9e6334a82f715881a0
+export MBEDTLS_VERSION=mbedtls-2.28.4
+export MBEDTLS_CSUM=578c4dcd15bbff3f5cd56aa07cd4f850fc733634e3d5947be4f7157d5bfd81ac
 
 export JSONCPP_VERSION=1.8.4
 export JSONCPP_CSUM=c49deac9e0933bcb7044f08516861a2d560988540b23de2ac1ad443b219afdb6
diff --git a/deps/mbedtls/patches/0001-relax-x509-date-format-check.patch b/deps/mbedtls/patches/0001-relax-x509-date-format-check.patch
index d5406e90..c4ebde64 100644
--- a/deps/mbedtls/patches/0001-relax-x509-date-format-check.patch
+++ b/deps/mbedtls/patches/0001-relax-x509-date-format-check.patch
@@ -12,39 +12,34 @@ diff --git a/library/x509.c b/library/x509.c
 index 264c7fb0c..9372bcb92 100644
 --- a/library/x509.c
 +++ b/library/x509.c
-@@ -556,13 +556,20 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen,
+@@ -624,11 +624,16 @@ static int x509_parse_time(unsigned char
      /*
       * Parse seconds if present
       */
--    if ( len >= 2 )
-+    if ( len >= 2 && **p >= '0' && **p <= '9' )
-     {
-         CHECK( x509_parse_int( p, 2, &tm->sec ) );
+-    if (len >= 2) {
++    if (len >= 2 && **p >= '0' && **p <= '9') {
+         CHECK(x509_parse_int(p, 2, &tm->sec));
          len -= 2;
-     }
-     else
-+    {
+     } else {
 +#if defined(MBEDTLS_RELAXED_X509_DATE)
-+	/* if relaxed mode, allow seconds to be absent */
-+	tm->sec = 0;
++        /* if relaxed mode, allow seconds to be absent */
++        tm->sec = 0;
 +#else
-         return ( MBEDTLS_ERR_X509_INVALID_DATE );
+         return MBEDTLS_ERR_X509_INVALID_DATE;
 +#endif
-+    }
+     }
  
      /*
-      * Parse trailing 'Z' if present
-@@ -572,6 +579,15 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen,
+@@ -638,6 +643,14 @@ static int x509_parse_time(unsigned char
          (*p)++;
          len--;
      }
 +#if defined(MBEDTLS_RELAXED_X509_DATE)
-+    else if ( len == 5 && **p == '+' )
-+    {
-+	int tz; /* throwaway timezone */
-+	(*p)++;
-+	CHECK( x509_parse_int( p, 4, &tz ) );
-+	return 0;
++    else if ( len == 5 && **p == '+' ) {
++        int tz; /* throwaway timezone */
++        (*p)++;
++        CHECK( x509_parse_int( p, 4, &tz ) );
++        return 0;
 +    }
 +#endif