diff --git a/SOURCES/0001-device-Fix-crashing-when-connecting-ATT-over-BR-EDR.patch b/SOURCES/0001-device-Fix-crashing-when-connecting-ATT-over-BR-EDR.patch
new file mode 100644
index 0000000..828848b
--- /dev/null
+++ b/SOURCES/0001-device-Fix-crashing-when-connecting-ATT-over-BR-EDR.patch
@@ -0,0 +1,74 @@
+From d32e2a336b76cd84ff3fa770a69d7d1f9d0e2e75 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari
+Date: Thu, 25 Apr 2019 19:37:20 +0530
+Subject: [PATCH BlueZ] device: Fix crashing when connecting ATT over
+ BR/EDR
+
+commit 006213cf4d231ce66de273e96619474bd516359b
+Author: Luiz Augusto von Dentz
+Date: Fri Jul 7 10:35:11 2017 +0300
+
+ device: Fix crashing when connecting ATT over BR/EDR
+---
+ src/device.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/src/device.c b/src/device.c
+index 8693eb826..4d2a59522 100644
+--- a/src/device.c
++++ b/src/device.c
+@@ -136,6 +136,7 @@ struct authentication_req {
+ struct browse_req {
+ DBusMessage *msg;
+ struct btd_device *device;
++ uint8_t bdaddr_type;
+ GSList *match_uuids;
+ GSList *profiles_added;
+ sdp_list_t *records;
+@@ -2154,6 +2155,9 @@ static void browse_request_complete(struct browse_req *req, uint8_t bdaddr_type,
+ struct btd_device *dev = req->device;
+ DBusMessage *reply = NULL;
+
++ if (req->bdaddr_type != bdaddr_type)
++ return;
++
+ if (!req->msg)
+ goto done;
+
+@@ -4955,6 +4959,7 @@ int device_connect_le(struct btd_device *dev)
+ }
+
+ static struct browse_req *browse_request_new(struct btd_device *device,
++ uint8_t bdaddr_type,
+ DBusMessage *msg)
+ {
+ struct browse_req *req;
+@@ -4964,6 +4969,7 @@ static struct browse_req *browse_request_new(struct btd_device *device,
+
+ req = g_new0(struct browse_req, 1);
+ req->device = device;
++ req->bdaddr_type = bdaddr_type;
+
+ device->browse = req;
+
+@@ -4989,7 +4995,7 @@ static int device_browse_gatt(struct btd_device *device, DBusMessage *msg)
+ struct btd_adapter *adapter = device->adapter;
+ struct browse_req *req;
+
+- req = browse_request_new(device, msg);
++ req = browse_request_new(device, device->bdaddr_type, msg);
+ if (!req)
+ return -EBUSY;
+
+@@ -5062,7 +5068,7 @@ static int device_browse_sdp(struct btd_device *device, DBusMessage *msg)
+ uuid_t uuid;
+ int err;
+
+- req = browse_request_new(device, msg);
++ req = browse_request_new(device, BDADDR_BREDR, msg);
+ if (!req)
+ return -EBUSY;
+
+--
+2.17.2
+
diff --git a/SOURCES/0002-device-Fix-crash-when-connecting-ATT-with-BR-EDR-onl.patch b/SOURCES/0002-device-Fix-crash-when-connecting-ATT-with-BR-EDR-onl.patch
new file mode 100644
index 0000000..993f775
--- /dev/null
+++ b/SOURCES/0002-device-Fix-crash-when-connecting-ATT-with-BR-EDR-onl.patch
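Review bot: The early `return` added to browse_request_complete() under `if (req->bdaddr_type != bdaddr_type)` exits before the `done:` label that the next statement jumps to, so a mismatched completion skips whatever reply and cleanup that label performs; the rest of the function is outside the hunk, so this part is inferred. The call sites visible in the second patch on this page (device_svc_resolved() and att_connect_cb()) set `browse = NULL` on the device around the call whatever the outcome, which on a mismatch would leave the request unreachable and its D-Bus `msg` unanswered. Because these completions are driven by what the remote device does, the mismatch path deserves an explicit owner for `req`: one option is to test the type in the caller before detaching, e.g. `if (req->bdaddr_type != bdaddr_type) return;` ahead of `dev->browse = NULL;`. The follow-up patch keeps the same early-return shape with `req->type != type`, so the same question applies there.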
@@ -0,0 +1,158 @@
+From 164997007447ffbf011934e84e21040f5e3eeff4 Mon Sep 17 00:00:00 2001
+From: Gopal Tiwari
+Date: Thu, 25 Apr 2019 19:39:41 +0530
+Subject: [PATCH BlueZ] device: Fix crash when connecting ATT with BR/EDR
+ only device
+
+commit 5252296b725ef159992be5372f60721bd9adca48
+Author: Luiz Augusto von Dentz
+Date: Wed Aug 9 14:14:23 2017 +0300
+
+ device: Fix crash when connecting ATT with BR/EDR only device
+---
+ src/device.c | 38 +++++++++++++++++++++++---------------
+ 1 file changed, 23 insertions(+), 15 deletions(-)
+
+diff --git a/src/device.c b/src/device.c
+index 4d2a59522..54bef1bd3 100644
+--- a/src/device.c
++++ b/src/device.c
+@@ -133,10 +133,15 @@ struct authentication_req {
+ gboolean secure;
+ };
+
++enum {
++ BROWSE_SDP,
++ BROWSE_GATT
++};
++
+ struct browse_req {
+ DBusMessage *msg;
+ struct btd_device *device;
+- uint8_t bdaddr_type;
++ uint8_t type;
+ GSList *match_uuids;
+ GSList *profiles_added;
+ sdp_list_t *records;
+@@ -2149,13 +2154,13 @@ static void store_gatt_db(struct btd_device *device)
+ }
+
+
+-static void browse_request_complete(struct browse_req *req, uint8_t bdaddr_type,
+- int err)
++static void browse_request_complete(struct browse_req *req, uint8_t type,
++ uint8_t bdaddr_type, int err)
+ {
+ struct btd_device *dev = req->device;
+ DBusMessage *reply = NULL;
+
+- if (req->bdaddr_type != bdaddr_type)
++ if (req->type != type)
+ return;
+
+ if (!req->msg)
+@@ -2209,8 +2214,8 @@ static void device_set_svc_refreshed(struct btd_device *device, bool value)
+ DEVICE_INTERFACE, "ServicesResolved");
+ }
+
+-static void device_svc_resolved(struct btd_device *dev, uint8_t bdaddr_type,
+- int err)
++static void device_svc_resolved(struct btd_device *dev, uint8_t browse_type,
++ uint8_t bdaddr_type, int err)
+ {
+ struct bearer_state *state = get_state(dev, bdaddr_type);
+ struct browse_req *req = dev->browse;
+@@ -2258,7 +2263,7 @@ static void device_svc_resolved(struct btd_device *dev, uint8_t bdaddr_type,
+ return;
+
+ dev->browse = NULL;
+- browse_request_complete(req, bdaddr_type, err);
++ browse_request_complete(req, browse_type, bdaddr_type, err);
+ }
+
+ static struct bonding_req *bonding_request_new(DBusMessage *msg,
+@@ -4517,7 +4522,7 @@ static void search_cb(sdp_list_t *recs, int err, gpointer user_data)
+ DEVICE_INTERFACE, "UUIDs");
+
+ send_reply:
+- device_svc_resolved(device, BDADDR_BREDR, err);
++ device_svc_resolved(device, BROWSE_SDP, BDADDR_BREDR, err);
+ }
+
+ static void browse_cb(sdp_list_t *recs, int err, gpointer user_data)
+@@ -4642,7 +4647,8 @@ static void gatt_client_ready_cb(bool success, uint8_t att_ecode,
+ DBG("status: %s, error: %u", success ? "success" : "failed", att_ecode);
+
+ if (!success) {
+- device_svc_resolved(device, device->bdaddr_type, -EIO);
++ device_svc_resolved(device, BROWSE_GATT, device->bdaddr_type,
++ -EIO);
+ return;
+ }
+
+@@ -4650,7 +4656,7 @@ static void gatt_client_ready_cb(bool success, uint8_t att_ecode,
+
+ btd_gatt_client_ready(device->client_dbus);
+
+- device_svc_resolved(device, device->bdaddr_type, 0);
++ device_svc_resolved(device, BROWSE_GATT, device->bdaddr_type, 0);
+
+ store_gatt_db(device);
+ }
+@@ -4855,6 +4861,7 @@ static void att_connect_cb(GIOChannel *io, GError *gerr, gpointer user_data)
+
+ if (device->browse) {
+ browse_request_complete(device->browse,
++ BROWSE_GATT,
+ device->bdaddr_type,
+ -ECONNABORTED);
+ device->browse = NULL;
+@@ -4959,7 +4966,7 @@ int device_connect_le(struct btd_device *dev)
+ }
+
+ static struct browse_req *browse_request_new(struct btd_device *device,
+- uint8_t bdaddr_type,
++ uint8_t type,
+ DBusMessage *msg)
+ {
+ struct browse_req *req;
+@@ -4969,7 +4976,7 @@ static struct browse_req *browse_request_new(struct btd_device *device,
+
+ req = g_new0(struct browse_req, 1);
+ req->device = device;
+- req->bdaddr_type = bdaddr_type;
++ req->type = type;
+
+ device->browse = req;
+
+@@ -4995,7 +5002,7 @@ static int device_browse_gatt(struct btd_device *device, DBusMessage *msg)
+
struct btd_adapter *adapter = device->adapter; + struct browse_req *req; + +- req = browse_request_new(device, device->bdaddr_type, msg); ++ req = browse_request_new(device, BROWSE_GATT, msg); + if (!req) + return -EBUSY; + +@@ -5011,7 +5018,8 @@ static int device_browse_gatt(struct btd_device *device, DBusMessage *msg) + * Services have already been discovered, so signal this browse + * request as resolved. + */ +- device_svc_resolved(device, device->bdaddr_type, 0); ++ device_svc_resolved(device, BROWSE_GATT, device->bdaddr_type, ++ 0); + return 0; + } + +@@ -5068,7 +5076,7 @@ static int device_browse_sdp(struct btd_device *device, DBusMessage *msg) + uuid_t uuid; + int err; + +- req = browse_request_new(device, BDADDR_BREDR, msg); ++ req = browse_request_new(device, BROWSE_SDP, msg); + if (!req) + return -EBUSY; + +-- +2.17.2 + diff --git a/SPECS/bluez.spec b/SPECS/bluez.spec index 651a5e5..62f6723 100644 --- a/SPECS/bluez.spec +++ b/SPECS/bluez.spec @@ -1,7 +1,7 @@ Summary: Bluetooth utilities Name: bluez Version: 5.44 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Group: Applications/System URL: http://www.bluez.org/ @@ -17,7 +17,9 @@ Patch4: 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch Patch5: 0002-autopair-Don-t-handle-the-iCade.patch Patch7: 0004-agent-Assert-possible-infinite-loop.patch Patch8: 0001-Out-of-bounds-heap-read-in-service_search_attr_req-f.patch - +#Upstream +Patch9: 0001-device-Fix-crashing-when-connecting-ATT-over-BR-EDR.patch +Patch10: 0002-device-Fix-crash-when-connecting-ATT-with-BR-EDR-onl.patch %global _hardened_build 1 BuildRequires: git 
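Review bot: browse_request_complete() and device_svc_resolved() now take two adjacent `uint8_t` parameters, `type`/`browse_type` followed by `bdaddr_type`, so a call that passes them in the wrong order compiles without a warning. The values also overlap: the anonymous enum makes `BROWSE_SDP` 0 and `BROWSE_GATT` 1, and BDADDR_BREDR is 0 in the BlueZ headers (not visible in this hunk), so a swapped call would often still appear to work. Giving the enum a tag and using it for the field and the parameters makes the intent checkable, e.g. `enum browse_type { BROWSE_SDP, BROWSE_GATT };` with `enum browse_type type;` in struct browse_req. A short comment on the field, `/* discovery path (SDP or GATT) that created this request */`, would also explain why a completion from the other path is ignored. Both function bodies continue outside the hunks shown.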
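Review bot: The new `#Upstream` comment above Patch9 and Patch10 does not say which upstream commits are being carried, although both patch headers on this page name them. Recording them next to the Patch lines keeps the provenance auditable from the spec alone, e.g. `# Upstream 006213cf4d23 and 5252296b725e, Resolves #1667100`. The hunk only declares the two patches and no %prep lines are visible, so it is worth confirming that the build applies every declared patch rather than a numbered subset.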
@@ -252,13 +254,18 @@ sed -i 's/#\[Policy\]$/\[Policy\]/; s/#AutoEnable=false/AutoEnable=false/' ${RPM /lib/udev/rules.d/97-hid2hci.rules %changelog + +* Thu Apr 25 2019 Gopal Tiwari 5.44-5 +- fixing crash with SIGSEGV when pairing with headset +Resolves: #1667100 + * Mon Sep 11 2017 Don Zickus 5.44-4 - forgot to bump rev -Resolves: #1490010 +Resolves: #1490011 * Mon Sep 11 2017 Don Zickus 5.44-3 - sdpd heap fix -Resolves: #1490010 +Resolves: #1490011 * Mon Mar 27 2017 David Arcari 5.44-2 - added missing updates for sources and .gitignore