diff --git a/_constraints b/_constraints
index 8826782..1ade9eb 100644
--- a/_constraints
+++ b/_constraints
@@ -11,4 +11,18 @@
   </physicalmemory>
   <processors>4</processors>
  </hardware>
+ <overwrite>
+  <conditions>
+   <arch>armv6l</arch>
+   <arch>armv7l</arch>
+  </conditions>
+  <hardware>
+   <memory>
+     <size unit="G">9</size>
+   </memory>
+   <physicalmemory>
+    <size unit="G">8</size>
+   </physicalmemory>
+  </hardware>
+ </overwrite>
 </constraints>
diff --git a/libqt5-qtwebengine.changes b/libqt5-qtwebengine.changes
index b9cdb23..d746d0e 100644
--- a/libqt5-qtwebengine.changes
+++ b/libqt5-qtwebengine.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Wed Feb 17 13:19:20 UTC 2021 - Fabian Vogt <fabian@ritter-vogt.de>
+
+- Add patch to fix sandbox with glibc 2.33 on 32bit:
+  * sandbox-statx-futex_time64.patch
+
+-------------------------------------------------------------------
+Tue Feb 16 09:52:13 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Relax constraints for armv6 and armv7
+
 -------------------------------------------------------------------
 Mon Feb 15 16:28:49 UTC 2021 - Fabian Vogt <fabian@ritter-vogt.de>
 
diff --git a/libqt5-qtwebengine.spec b/libqt5-qtwebengine.spec
index a0725aa..75874bc 100644
--- a/libqt5-qtwebengine.spec
+++ b/libqt5-qtwebengine.spec
@@ -53,8 +53,9 @@ Source:         https://download.qt.io/official_releases/qt/5.15/%{real_version}
 Patch1:         armv6-ffmpeg-no-thumb.patch
 # PATCH-FIX-OPENSUSE disable-gpu-when-using-nouveau-boo-1005323.diff
 Patch2:         disable-gpu-when-using-nouveau-boo-1005323.diff
-Patch7:         fix1163766.patch
-Patch8:         chromium-glibc-2.33.patch
+Patch3:         fix1163766.patch
+Patch4:         chromium-glibc-2.33.patch
+Patch5:         sandbox-statx-futex_time64.patch
 # PATCH-FIX-OPENSUSE
 Patch9:         rtc-dont-use-h264.patch
 # PATCH-FIX-UPSTREAM
diff --git a/sandbox-statx-futex_time64.patch b/sandbox-statx-futex_time64.patch
new file mode 100644
index 0000000..25c407b
--- /dev/null
+++ b/sandbox-statx-futex_time64.patch
@@ -0,0 +1,39 @@
+From: Fabian Vogt <fabian@ritter-vogt.de>
+Subject: Sandbox: Handle statx and futex_time64
+
+glibc uses statx in some more places now (e.g stat64 -> __fstatat64_time64),
+but it's caught by the sandbox, which doesn't handle it and breaks.
+Return -ENOSYS instead to trigger the fallback in glibc.
+
+futex_time64 is also used internally in glibc, so handle that as well.
+The signature is identical where it matters.
+
+Index: qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+===================================================================
+--- qtwebengine-everywhere-src-5.15.2.orig/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
++++ qtwebengine-everywhere-src-5.15.2/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+@@ -190,6 +190,11 @@ ResultExpr EvaluateSyscallImpl(int fs_de
+   if (sysno == __NR_futex)
+     return RestrictFutex();
+ 
++#if defined(__NR_futex_time64)
++  if (sysno == __NR_futex_time64)
++    return RestrictFutex();
++#endif
++
+   if (sysno == __NR_set_robust_list)
+     return Error(EPERM);
+ 
+@@ -265,6 +270,12 @@ ResultExpr EvaluateSyscallImpl(int fs_de
+   }
+ #endif
+ 
++#if defined(__NR_statx)
++  if (sysno == __NR_statx) {
++    return Error(ENOSYS);
++  }
++#endif
++
+   if (SyscallSets::IsFileSystem(sysno) ||
+       SyscallSets::IsCurrentDirectory(sysno)) {
+     return Error(fs_denied_errno);