diff --git a/rpcbind.changes b/rpcbind.changes
index 7126c2e..78fea91 100644
--- a/rpcbind.changes
+++ b/rpcbind.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Wed Aug 16 10:34:13 CEST 2017 - kukuk@suse.de
+
+- Add BuildRequires libnsl-devel (needed for obsoleting nsl in 
+  glibc)
+
+-------------------------------------------------------------------
+Wed May 17 09:14:15 UTC 2017 - schwab@suse.de
+
+- svc-freeargs.patch: always call svc_freeargs, even if svc_getargs
+  failed (bsc#1037559, CVE-2017-8779)
+
 -------------------------------------------------------------------
 Tue May  2 13:58:57 CEST 2017 - kukuk@suse.de
 
diff --git a/rpcbind.spec b/rpcbind.spec
index 48c2f6c..ec2df21 100644
--- a/rpcbind.spec
+++ b/rpcbind.spec
@@ -28,6 +28,9 @@ Source2:        sysconfig.rpcbind
 Source3:        rpcbind.xml
 Source4:        pmap_set.c
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+%if 0%{?suse_version} >= 1330
+BuildRequires:  libnsl-devel
+%endif
 BuildRequires:  libtirpc-devel >= 1.0.1
 BuildRequires:  libtool
 BuildRequires:  pkgconfig
@@ -53,6 +56,7 @@ Patch12:        0012-Move-default-state-dir-to-a-subdirectory-of-var-run.patch
 Patch14:        0014-When-using-systemd-redirect-syslog-calls-to-the-syst.patch
 Patch30:        0030-systemd-fix-rmtcall.patch
 Patch31:        0031-rpcbind-manpage.patch
+Patch32:        svc-freeargs.patch
 
 %{?systemd_requires}
 Provides:       portmap
@@ -81,6 +85,7 @@ cp %{SOURCE4} .
 #%patch14 -p1
 #%patch30 -p1
 %patch31 -p1
+%patch32 -p1
 
 %build
 autoreconf -fiv
diff --git a/svc-freeargs.patch b/svc-freeargs.patch
new file mode 100644
index 0000000..a23e145
--- /dev/null
+++ b/svc-freeargs.patch
@@ -0,0 +1,26 @@
+Index: rpcbind-0.2.3/src/rpcb_svc.c
+===================================================================
+--- rpcbind-0.2.3.orig/src/rpcb_svc.c
++++ rpcbind-0.2.3/src/rpcb_svc.c
+@@ -166,7 +166,7 @@ rpcb_service_3(struct svc_req *rqstp, SV
+ 		svcerr_decode(transp);
+ 		if (debugging)
+ 			(void) xlog(LOG_DEBUG, "rpcbind: could not decode");
+-		return;
++		goto done;
+ 	}
+ 
+ 	if (rqstp->rq_proc == RPCBPROC_SET
+Index: rpcbind-0.2.3/src/rpcb_svc_4.c
+===================================================================
+--- rpcbind-0.2.3.orig/src/rpcb_svc_4.c
++++ rpcbind-0.2.3/src/rpcb_svc_4.c
+@@ -220,7 +220,7 @@ rpcb_service_4(struct svc_req *rqstp, SV
+ 		svcerr_decode(transp);
+ 		if (debugging)
+ 			(void) xlog(LOG_DEBUG, "rpcbind: could not decode\n");
+-		return;
++		goto done;
+ 	}
+ 
+ 	if (rqstp->rq_proc == RPCBPROC_SET