diff --git a/SOURCES/amanda-3.3.3-check-return.patch b/SOURCES/amanda-3.3.3-check-return.patch
new file mode 100644
index 0000000..a1e154e
--- /dev/null
+++ b/SOURCES/amanda-3.3.3-check-return.patch
@@ -0,0 +1,17 @@
+diff --git a/common-src/krb5-security.c b/common-src/krb5-security.c
+index 3f932ec..0c9258b 100644
+--- a/common-src/krb5-security.c
++++ b/common-src/krb5-security.c
+@@ -394,7 +394,10 @@ krb5_accept(
+      *(making the userid equal to the dumpuser)
+      */
+     pw = getpwnam(CLIENT_LOGIN);
+-    setreuid(pw->pw_uid, pw->pw_uid);
++    if (setreuid(pw->pw_uid, pw->pw_uid) == -1) {
++	g_critical("setreuid failed: %s", strerror(errno));
++	exit(1);
++    }
+ }
+ 
+ /*
+
diff --git a/SOURCES/amanda-3.3.3-local-security-gid.patch b/SOURCES/amanda-3.3.3-local-security-gid.patch
new file mode 100644
index 0000000..3e53e7c
--- /dev/null
+++ b/SOURCES/amanda-3.3.3-local-security-gid.patch
@@ -0,0 +1,12 @@
+diff -urpN old/common-src/local-security.c new/common-src/local-security.c
+--- old/common-src/local-security.c	2013-01-10 13:54:54.000000000 +0100
++++ new/common-src/local-security.c	2017-02-17 13:29:27.429117936 +0100
+@@ -256,7 +256,7 @@ runlocal(
+ 	initgroups(CLIENT_LOGIN, gid);
+     }
+     if (gid != 0)
+-	setregid(uid, gid);
++	setregid(gid, gid);
+     if (uid != 0)
+ 	setreuid(uid, uid);
+ #endif
diff --git a/SPECS/amanda.spec b/SPECS/amanda.spec
index 70cced6..122a4ea 100644
--- a/SPECS/amanda.spec
+++ b/SPECS/amanda.spec
@@ -10,7 +10,7 @@
 Summary: A network-capable tape backup solution
 Name: amanda
 Version: 3.3.3
-Release: 20%{?dist}
+Release: 21%{?dist}
 Source: http://downloads.sourceforge.net/amanda/amanda-%{version}.tar.gz
 Source1: amanda.crontab
 Source4: disklist
@@ -34,6 +34,8 @@ Patch14: amanda-3.3.3-non-blocking-connection.patch
 Patch15: amanda-3.3.3-krb5.patch
 Patch16: amanda-3.3.3-decompress.patch
 Patch17: amanda-3.3.3-non-blocking-connection-2.patch
+Patch18: amanda-3.3.3-check-return.patch
+Patch19: amanda-3.3.3-local-security-gid.patch
 
 
 License: BSD and GPLv3+ and GPLv2+ and GPLv2
@@ -119,6 +121,8 @@ server also needs to have the amanda-client package installed.
 %patch15 -p1 -b .krb5.patch
 %patch16 -p1 -b .decompression
 %patch17 -p1 -b .non-blocking-connection-2
+%patch18 -p1 -b .check-return
+%patch19 -p1 -b .local-security-gid
 ./autogen
 
 %build
@@ -491,6 +495,10 @@ rm -rf ${RPM_BUILD_ROOT}
 
 
 %changelog
+* Tue Jun 19 2018 Josef Ridky <jridky@redhat.com> - 3.3.3-21
+- Resolves: #1417830 - check return value from setreuid method
+- Resolves: #1423040 - fix local authentication issue
+
 * Mon Jan 15 2018 Josef Ridky <jridky@redhat.com> - 3.3.3-20
 - Resolves: #1532425 - fix problem with non-blocking connection