diff --git a/0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch b/0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch
new file mode 100644
index 0000000..40d00bf
--- /dev/null
+++ b/0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch
@@ -0,0 +1,13 @@
+References: bnc#835818
+
+--- dhcp-4.2.x-ldap/server/ldap.c
++++ dhcp-4.2.x-ldap/server/ldap.c	2014/04/15 01:34:59
+@@ -2103,6 +2103,8 @@ ldap_read_config (void)
+ 
+   if (x_parser_length(cfile) > 0)
+     {
++      ldap_write_debug (cfile->inbuf, cfile->buflen);
++
+       res = conf_file_subparse (cfile, root_group, ROOT_GROUP);
+       if (res != ISC_R_SUCCESS)
+         {
diff --git a/0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch b/0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch
new file mode 100644
index 0000000..346705a
--- /dev/null
+++ b/0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch
@@ -0,0 +1,25 @@
+References: bnc#868253
+
+--- dhcp-4.2.x/server/dhcpd.c
++++ dhcp-4.2.x/server/dhcpd.c	2014/06/10 01:59:13
+@@ -783,8 +783,19 @@ main(int argc, char **argv) {
+ 	}
+  
+ #if defined (PARANOIA)
+-	/* change uid to the specified one */
++	/* ensure, the leases db is owned by the run user/group */
++	if (set_gid || set_uid) {
++		char backfname[512];
++
++		chown(path_dhcpd_db, set_uid ? set_uid : -1,
++				     set_gid ? set_gid : -1);
+ 
++		snprintf (backfname, sizeof backfname, "%s~", path_dhcpd_db);
++		chown(backfname,     set_uid ? set_uid : -1,
++				     set_gid ? set_gid : -1);
++	}
++
++	/* change uid to the specified one */
+ 	if (set_gid) {
+ 		/* setgroups is done, OK */
+ 		if (setgroups (0, (void *)0))
diff --git a/dhclient-script b/dhclient-script
index d7fd8a5..811e899 100644
--- a/dhclient-script
+++ b/dhclient-script
@@ -115,6 +115,20 @@ netconfig_remove() {
     /sbin/netconfig remove -s "dhclient$ipver" -i "$interface" </dev/null
   fi
 }
+prefixlen2netmask()
+{
+	test -n "$1" || return 1
+	local o i n=0 adr=() len=$(($1))
+	for o in 0 1 2 3; do
+		adr[$o]=0
+		for i in 128 64 32 16 8 4 2 1; do
+			((n++ < len)) && \
+			((adr[$o] = ${adr[$o]} + $i))
+		done
+	done
+	echo ${adr[0]}.${adr[1]}.${adr[2]}.${adr[3]}
+	return 0
+}
 parse_ipv4_classless_routes()
 {
   local route_regex='^[0-9]{1,3}([ ][0-9]{1,3}){4,}$'
@@ -132,7 +146,7 @@ parse_ipv4_classless_routes()
     test ${#rfc_routes[@]} -lt $(( $i + $net_octets + 4 )) && \
       return 1
 
-    net_netmask=$(pfxlen2mask $net_length)
+    net_netmask=$(prefixlen2netmask $net_length)
     net_netmask=(${net_netmask//./ })
     net_address=(0 0 0 0)
     for(( j=0; j < $net_octets; j++, i++)); do
diff --git a/dhcp.changes b/dhcp.changes
index 6314875..343bf10 100644
--- a/dhcp.changes
+++ b/dhcp.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Tue Jun 10 02:42:32 UTC 2014 - mt@suse.de
+
+- Fixed /etc/sysconfig/dhcpd fillup in dhcp server post-install.
+- Fixed dhcp server start script to use correct libdir (bnc#868250)
+- Fixed dhcp server to chown leases to run user at start (bnc#868253)
+  [+ 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch]
+- Fixed to write missed dhcp-ldap debug level messages (bnc#835818)
+  [+ 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch]
+- Fixed unsupported dhclient-script used by sysconfig ifup to provide
+  a function to calculate netmask. NetworkManager provides an own one.
+
 -------------------------------------------------------------------
 Wed May 21 08:34:07 UTC 2014 - jsegitz@novell.com
 
diff --git a/dhcp.spec b/dhcp.spec
index 71180ed..ec97da5 100644
--- a/dhcp.spec
+++ b/dhcp.spec
@@ -116,9 +116,16 @@ Patch16:        0016-server-log-DHCPv6-addresses-assigned-to-clients.patch
 Patch17:        0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch
 # PATCH-FIX-SLE dhcp-4.2.6-improved-xid bnc#870535
 Patch18:        0018-dhcp-4.2.6-improved-xid.patch
+# PATCH-FIX-SLE dhcp-4.2.x-ldap-debug-write bug#835818
+Patch19:        0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch
+# PATCH-FIX-OPENSUSE dhcp-4.2.x-chown-server-leases bnc#868253
+Patch20:        0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch
 ##
 PreReq:         /bin/touch /sbin/chkconfig sysconfig
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+%if 0%{?suse_version} > 1220
+BuildRequires:  gpg-offline
+%endif
 BuildRequires:  automake
 
 %package server
@@ -226,6 +233,9 @@ Authors:
 
 
 %prep
+%if 0%{?gpg_verify:1}
+%gpg_verify %{S:1}
+%endif
 %setup -q -n %{name}-%{isc_version} -a 44 -a 45
 ##
 %patch1 -p1
@@ -248,6 +258,8 @@ Authors:
 %patch16 -p1
 %patch17 -p1
 %patch18 -p1
+%patch19 -p1
+%patch20 -p1
 ##
 find . -type f -name \*.cat\* -exec rm -f {} \;
 dos2unix contrib/ms2isc/*
@@ -370,6 +382,7 @@ install    -m0750 $RPM_SOURCE_DIR/dhclient-script $RPM_BUILD_ROOT/sbin/
 install -d -m0755 $RPM_BUILD_ROOT/usr/lib/dhcp
 install    -m0755 $RPM_SOURCE_DIR/dhcpd.script              \
                   $RPM_BUILD_ROOT/usr/lib/dhcp/dhcpd
+sed -e 's/@LIBDIR@/%{_lib}/g' -i $RPM_BUILD_ROOT/usr/lib/dhcp/dhcpd
 install    -m0755 $RPM_SOURCE_DIR/dhcrelay.script           \
                   $RPM_BUILD_ROOT/usr/lib/dhcp/dhcrelay
 %if %{with systemd}
@@ -481,7 +494,7 @@ popd
 
 %post server
 %if %{with systemd}
-%{fillup_only -ans dhcpd dhcpd}
+%{fillup_only -n   dhcpd dhcpd}
 %{fillup_only -ans syslog dhcpd}
 %service_add_post dhcpd.service
 %service_add_post dhcpd6.service
diff --git a/dhcpd.script b/dhcpd.script
index 0402896..942d9e5 100644
--- a/dhcpd.script
+++ b/dhcpd.script
@@ -208,7 +208,7 @@ case "$1" in
 			cp -aL "$i" "${CHROOT_PREFIX}/${i%/*}/" &>/dev/null \
 				|| { echo "...$0:$LINENO: could not copy $i to chroot jail"; rc_failed; rc_status -v1; exit 6; }
 		done
-		libdir=$(basename $(echo ${CHROOT_PREFIX}/lib*))
+		libdir=@LIBDIR@
 		if test -x /usr/bin/ldd ; then
 			get_ldd_deps()
 			{