diff --git a/README.debrand b/README.debrand
deleted file mode 100644
index 01c46d2..0000000
--- a/README.debrand
+++ /dev/null
@@ -1,2 +0,0 @@
-Warning: This package was configured for automatic debranding, but the changes
-failed to apply.
diff --git a/SOURCES/0291-efi-http-Export-fw-http-_path-variables-to-make-them.patch b/SOURCES/0291-efi-http-Export-fw-http-_path-variables-to-make-them.patch
index 8095fd1..e1fad33 100644
--- a/SOURCES/0291-efi-http-Export-fw-http-_path-variables-to-make-them.patch
+++ b/SOURCES/0291-efi-http-Export-fw-http-_path-variables-to-make-them.patch
@@ -17,6 +17,8 @@ so are only found in the initial context.
 This can cause commands like configfile that create a new context to fail
 because the fw_path and http_path variables will not be found.
 
+Resolves: rhbz#1616395
+
 Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
 ---
  grub-core/kern/main.c    | 1 +
diff --git a/SOURCES/0292-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch b/SOURCES/0292-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch
index b83d6e3..aa51d9a 100644
--- a/SOURCES/0292-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch
+++ b/SOURCES/0292-efi-http-Enclose-literal-IPv6-addresses-in-square-br.patch
@@ -36,6 +36,8 @@ ETag: "206-59f924b24b1da"
 Accept-Ranges: bytes
 Content-Length: 518
 
+Resolves: rhbz#1732765
+
 Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
 ---
  grub-core/net/efi/http.c | 37 ++++++++++++++++++++++++++++---------
diff --git a/SOURCES/0293-efi-net-Allow-to-specify-a-port-number-in-addresses.patch b/SOURCES/0293-efi-net-Allow-to-specify-a-port-number-in-addresses.patch
index 28c54d5..9c20c5e 100644
--- a/SOURCES/0293-efi-net-Allow-to-specify-a-port-number-in-addresses.patch
+++ b/SOURCES/0293-efi-net-Allow-to-specify-a-port-number-in-addresses.patch
@@ -17,6 +17,8 @@ error: net/efi/net.c:782:unrecognised network address '192.168.122.1:8080'
 
 error: net/efi/net.c:781:unrecognised network address '[2000:dead:beef:a::1]:8080'
 
+Resolves: rhbz#1732765
+
 Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
 ---
  grub-core/net/efi/net.c | 4 ++--
diff --git a/SOURCES/0294-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch b/SOURCES/0294-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch
index 1808a93..f0a71e7 100644
--- a/SOURCES/0294-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch
+++ b/SOURCES/0294-efi-ip4_config-Improve-check-to-detect-literal-IPv6-.patch
@@ -13,6 +13,8 @@ the following error message:
 
 error: net/efi/net.c:785:unrecognised network address '2000:dead:beef:a::1'
 
+Resolves: rhbz#1732765
+
 Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
 ---
  grub-core/net/efi/ip4_config.c | 13 ++++++++++++-
diff --git a/SOURCES/0295-efi-net-Print-a-debug-message-if-parsing-the-address.patch b/SOURCES/0295-efi-net-Print-a-debug-message-if-parsing-the-address.patch
index 5893e7e..8bcb8f8 100644
--- a/SOURCES/0295-efi-net-Print-a-debug-message-if-parsing-the-address.patch
+++ b/SOURCES/0295-efi-net-Print-a-debug-message-if-parsing-the-address.patch
@@ -15,6 +15,8 @@ just print a debug message if the address is not parsed correctly.
 A user can enable debug messages for the efinet driver to have information
 about the failure and the fact that the default interface is being used.
 
+Related: rhbz#1732765
+
 Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
 ---
  grub-core/net/efi/net.c | 18 +++++++++++-------
diff --git a/SOURCES/0335-tftp-roll-over-block-counter-to-prevent-timeouts-with.patch b/SOURCES/0335-tftp-roll-over-block-counter-to-prevent-timeouts-with.patch
new file mode 100644
index 0000000..cbff5b2
--- /dev/null
+++ b/SOURCES/0335-tftp-roll-over-block-counter-to-prevent-timeouts-with.patch
@@ -0,0 +1,51 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javierm@redhat.com>
+Date: Mon, 24 Aug 2020 14:46:27 +0200
+Subject: [PATCH] tftp: roll over block counter to prevent timeouts with data
+ packets
+
+The block number is a 16-bit counter which only allows to fetch
+files no bigger than 65535 * blksize. To avoid this limit, the
+counter is rolled over. This behavior isn't defined in RFC 1350
+but is handled by many TFTP servers and it's what GRUB was doing
+before implicitly due an overflow.
+
+Fixing that bug led to TFTP timeouts, since GRUB wasn't acking
+data packets anymore for files with size bigger than the maximum
+mentioned above. Restore the old behavior to prevent this issue.
+
+Resolves: rhbz#1869987
+
+Suggested-by: Peter Jones <pjones@redhat.com>
+Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
+---
+ grub-core/net/tftp.c | 16 ++++++++++++++--
+ 1 file changed, 14 insertions(+), 2 deletions(-)
+
+diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c
+index 79c16f9b041..84162e6f1bd 100644
+--- a/grub-core/net/tftp.c
++++ b/grub-core/net/tftp.c
+@@ -183,8 +183,20 @@ tftp_receive (grub_net_udp_socket_t sock __attribute__ ((unused)),
+ 	  return GRUB_ERR_NONE;
+ 	}
+ 
+-      /* Ack old/retransmitted block. */
+-      if (grub_be_to_cpu16 (tftph->u.data.block) < data->block + 1)
++      /*
++       * Ack old/retransmitted block.
++       *
++       * The block number is a 16-bit counter which only allows to fetch
++       * files no bigger than 65535 * blksize. To avoid this limit, the
++       * counter is rolled over. This behavior isn't defined in RFC 1350
++       * but is handled by many TFTP servers and it's what GRUB was doing
++       * before implicitly due an overflow.
++       *
++       * Fixing that bug led to TFTP timeouts, since GRUB wasn't acking
++       * data packets anymore for files with size bigger than the maximum
++       * mentioned above. Restore the old behavior to prevent this issue.
++       */
++      if (grub_be_to_cpu16 (tftph->u.data.block) < ((data->block + 1) & 0xffffu))
+ 	ack (data, grub_be_to_cpu16 (tftph->u.data.block));
+       /* Ignore unexpected block. */
+       else if (grub_be_to_cpu16 (tftph->u.data.block) > data->block + 1)
diff --git a/SOURCES/grub.patches b/SOURCES/grub.patches
index 9d0ffd1..b523951 100644
--- a/SOURCES/grub.patches
+++ b/SOURCES/grub.patches
@@ -332,3 +332,4 @@ Patch0331: 0331-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch
 Patch0332: 0332-linux-loader-avoid-overflow-on-initrd-size-calculati.patch
 Patch0333: 0333-linuxefi-fail-kernel-validation-without-shim-protoco.patch
 Patch0334: 0334-linux-Fix-integer-overflows-in-initrd-size-handling.patch
+Patch0335: 0335-tftp-roll-over-block-counter-to-prevent-timeouts-with.patch
diff --git a/SPECS/grub2.spec b/SPECS/grub2.spec
index f198c72..a71ec6b 100644
--- a/SPECS/grub2.spec
+++ b/SPECS/grub2.spec
@@ -6,7 +6,7 @@
 Name:           grub2
 Epoch:          1
 Version:        2.02
-Release:        0.86%{?dist}%{?buildid}
+Release:        0.87%{?dist}%{?buildid}
 Summary:        Bootloader with support for Linux, Multiboot and more
 Group:          System Environment/Base
 License:        GPLv3+
@@ -466,7 +466,32 @@ fi
 %endif
 
 %changelog
-* Tue Jul 28 2020 Peter Jones <pjones@redhat.com> - 2.02-0.86
+* Mon Aug 24 2020 Javier Martinez Canillas <javierm@redhat.com> - 2.02-0.87
+- Fix TFTP timeouts when trying to fetch files larger than 65535 KiB
+  Resolves: rhbz#1869987
+
+* Mon Jul 27 2020 Peter Jones <pjones@redhat.com> - 2.02-0.86
+- Fix a mis-merge
+  Related: CVE-2020-15705
+
+* Mon Jul 27 2020 Peter Jones <pjones@redhat.com> - 2.02-0.85
+- Couple more late fixes.
+  Resolves: CVE-2020-10713
+  Resolves: CVE-2020-14308
+  Resolves: CVE-2020-14309
+  Resolves: CVE-2020-14310
+  Resolves: CVE-2020-14311
+  Resolves: CVE-2020-15705
+
+* Sun Jul 26 2020 Peter Jones <pjones@redhat.com> - 2.02-0.84
+- Couple more late fixes.
+  Resolves: CVE-2020-10713
+  Resolves: CVE-2020-14308
+  Resolves: CVE-2020-14309
+  Resolves: CVE-2020-14310
+  Resolves: CVE-2020-14311
+
+* Mon Jul 20 2020 Peter Jones <pjones@redhat.com> - 2.02-0.83
 - Fix several CVEs:
   Resolves: CVE-2020-10713
   Resolves: CVE-2020-14308
@@ -477,10 +502,12 @@ fi
 * Mon Mar 23 2020 Javier Martinez Canillas <javierm@redhat.com> - 2.02-0.82
 - Prepend prefix when HTTP path is relative
 - efi/http: Export {fw,http}_path variables to make them global
+  Resolves: rhbz#1616395
 - efi/http: Enclose literal IPv6 addresses in square brackets
 - efi/net: Allow to specify a port number in addresses
 - efi/ip4_config: Improve check to detect literal IPv6 addresses
 - efi/net: Print a debug message if parsing the address fails
+  Resolves: rhbz#1732765
 
 * Fri Sep 13 2019 Javier Martinez Canillas <javierm@redhat.com> - 2.02-0.81
 - Only make grub2-tools Obsoletes and Provides grub2-tools-efi for x86_64