diff --git a/SOURCES/_gdb.spec.Patch.include b/SOURCES/_gdb.spec.Patch.include
index bf653a0..66854cf 100644
--- a/SOURCES/_gdb.spec.Patch.include
+++ b/SOURCES/_gdb.spec.Patch.include
@@ -647,3 +647,12 @@ Patch158: gdb-rhbz1187581-power8-regs-not-in-8.2-14of15.patch
 # Pedro Franco de Carvalho, RH BZ 1187581
 Patch159: gdb-rhbz1187581-power8-regs-not-in-8.2-15of15.patch
+# "Fix" segfault that happens on parse_macro_definition because
+# debugedit corrupts the .debug_macro section.
+# Sergio Durigan Junior, RH BZ 1708192.
+Patch160: gdb-rhbz1708192-parse_macro_definition-crash.patch
+
+# Prevent buffer overflow with sections with invalid sizes.
+# Keith Seitz, RH BZ 1740299.
+Patch161: gdb-rhbz1742099-reject-sections-with-invalid-sizes.patch
+
diff --git a/SOURCES/_gdb.spec.patch.include b/SOURCES/_gdb.spec.patch.include
index 8ac090c..aac0638 100644
--- a/SOURCES/_gdb.spec.patch.include
+++ b/SOURCES/_gdb.spec.patch.include
@@ -157,3 +157,5 @@
 %patch157 -p1
 %patch158 -p1
 %patch159 -p1
+%patch160 -p1
+%patch161 -p1
diff --git a/SOURCES/gdb-rhbz1708192-parse_macro_definition-crash.patch b/SOURCES/gdb-rhbz1708192-parse_macro_definition-crash.patch
new file mode 100644
index 0000000..d2f2b4f
--- /dev/null
+++ b/SOURCES/gdb-rhbz1708192-parse_macro_definition-crash.patch
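Review bot: The comment added above `Patch161` cites RH BZ 1740299, while the patch file it names (gdb-rhbz1742099-reject-sections-with-invalid-sizes.patch) and the gdb.spec changelog entry in this same commit cite RH BZ 1742099, so one of the two numbers is a typo. The same `;; Keith Seitz, RH BZ 1740299.` line appears in the header of the new patch file, so whichever number is correct should be fixed in both places. Which bug the fix actually belongs to cannot be told from the diff; if the changelog number is the right one, the line becomes `# Keith Seitz, RH BZ 1742099.`.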
@@ -0,0 +1,69 @@
+From FEDORA_PATCHES Mon Sep 17 00:00:00 2001
+From: Sergio Durigan Junior
+Date: Fri, 10 May 2019 16:57:26 -0400
+Subject: gdb-rhbz1708192-parse_macro_definition-crash.patch
+
+;; "Fix" segfault that happens on parse_macro_definition because
+;; debugedit corrupts the .debug_macro section.
+;; Sergio Durigan Junior, RH BZ 1708192.
+
+Don't crash if dwarf_decode_macro_bytes's 'body' is NULL
+
+Hi,
+
+Ref.: https://bugzilla.redhat.com/show_bug.cgi?id=1708192
+ https://bugzilla.redhat.com/show_bug.cgi?id=1708786
+
+During the Fedora RPM build process, gdb-add-index is invoked to
+extract the DWARF index from the binary, and GDB will segfault because
+dwarf2read.c:parse_definition_macro's 'body' variable is NULL.
+
+The underlying problem is that Fedora's rpm-build's "debugedit"
+program will silently corrupt .debug_macro strings when a binary is
+compiled with -g3. This is being taken care of by Mark Wielaard,
+here:
+
+ https://bugzilla.redhat.com/show_bug.cgi?id=1708786
+
+However, I still feel it's important to make GDB more resilient
+against invalid DWARF input, so I'm proposing this rather simple patch
+to catch the situation when "body == NULL" (i.e., it's probably been
+corrupted) and issue a complaint. This is not a real fix to the
+problem, of course, but at least GDB is able to finish without
+segfaulting.
+
+OK for master?
+
+gdb/ChangeLog:
+2019-05-15 Sergio Durigan Junior
+
+ Ref.: https://bugzilla.redhat.com/show_bug.cgi?id=1708192
+ * dwarf2read.c (dwarf_decode_macro_bytes): Check whether 'body' is
+ NULL, and complain if that's the case.
+
+diff --git a/gdb/dwarf2read.c b/gdb/dwarf2read.c
+--- a/gdb/dwarf2read.c
++++ b/gdb/dwarf2read.c
+@@ -24355,7 +24355,21 @@ dwarf_decode_macro_bytes (struct dwarf2_per_objfile *dwarf2_per_objfile,
+ is_define ? _("definition") : _("undefinition"),
+ line == 0 ? _("zero") : _("non-zero"), line, body);
+
+- if (is_define)
++ if (body == NULL)
++ {
++ /* Fedora's rpm-build's "debugedit" binary
++ corrupted .debug_macro sections.
++
++ For more info, see
++ https://bugzilla.redhat.com/show_bug.cgi?id=1708786 */
++ complaint (_("debug info gives %s invalid macro %s "
++ "without body (corrupted?) at line %d "
++ "on file %s"),
++ at_commandline ? _("command-line") : _("in-file"),
++ is_define ? _("definition") : _("undefinition"),
++ line, current_file->filename);
++ }
++ else if (is_define)
+ parse_macro_definition (current_file, line, body);
+ else
+ {
diff --git a/SOURCES/gdb-rhbz1742099-reject-sections-with-invalid-sizes.patch b/SOURCES/gdb-rhbz1742099-reject-sections-with-invalid-sizes.patch
new file mode 100644
index 0000000..00d7b8c
--- /dev/null
+++ b/SOURCES/gdb-rhbz1742099-reject-sections-with-invalid-sizes.patch
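Review bot: The new `body == NULL` branch sits after the complaint visible at the top of the hunk, which still passes `body` to a `%s` conversion (`line == 0 ? _("zero") : _("non-zero"), line, body);`), so on exactly the corrupted input this patch targets a null pointer is handed to the formatter before the guard is reached; that is undefined behavior for `%s` even though glibc happens to print `(null)`. Moving the NULL check ahead of that complaint, or substituting `body != NULL ? body : _("<no body>")` in its argument list, would close that gap. The comment in the new branch describes the Fedora debugedit cause but not that the entry is skipped entirely (no define or undef is recorded), which is worth one line, e.g. `/* Skip the entry: there is no text to record.  */`. `dwarf_decode_macro_bytes` starts and ends outside the hunk.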
@@ -0,0 +1,128 @@
+From FEDORA_PATCHES Mon Sep 17 00:00:00 2001
+From: Keith Seitz
+Date: Thu, 17 Oct 2019 09:44:15 -0700
+Subject: gdb-rhbz1742099-reject-sections-with-invalid-sizes.patch
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+;; Prevent buffer overflow with sections with invalid sizes.
+;; Keith Seitz, RH BZ 1740299.
+
+DWARF reader: Reject sections with invalid sizes
+
+This is another fuzzer bug, gdb/23567. This time, the fuzzer has
+specifically altered the size of .debug_str:
+
+$ eu-readelf -S objdump
+Section Headers:
+[Nr] Name Type Addr Off Size ES Flags Lk Inf Al
+[31] .debug_str PROGBITS 0000000000000000 0057116d ffffffffffffffff 1 MS 0 0 1
+
+When this file is loaded into GDB, the DWARF reader crashes attempting
+to access the string table (or it may just store a bunch of nonsense):
+
+[gdb-8.3-6-fc30]
+$ gdb -nx -q objdump
+BFD: warning: /path/to/objdump has a corrupt section with a size (ffffffffffffffff) larger than the file size
+Reading symbols from /path/to/objdump...
+Segmentation fault (core dumped)
+
+Nick has already committed a BFD patch to issue the warning seen above.
+
+[gdb master 6acc1a0b]
+$ gdb -BFD: warning: /path/to/objdump has a corrupt section with a size (ffffffffffffffff) larger than the file size
+Reading symbols from /path/to/objdump...
+(gdb) inf func +All defined functions: + +File ./../include/dwarf2.def: +186: const + + 8 *>(.: + ;'@�B); +747: const + + 8 *�(.: + ;'@�B); +701: const + + 8 *�D � + (.: + ;'@�B); +71: const + + 8 *(.: + ;'@�B); +/* and more gibberish */ + +Consider read_indirect_string_at_offset_from: + +static const char * +read_indirect_string_at_offset_from (struct objfile *objfile, + bfd *abfd, LONGEST str_offset, + struct dwarf2_section_info *sect, + const char *form_name, + const char *sect_name) +{ + dwarf2_read_section (objfile, sect); + if (sect->buffer == NULL) + error (_("%s used without %s section [in module %s]"), + form_name, sect_name, bfd_get_filename (abfd)); + if (str_offset >= sect->size) + error (_("%s pointing outside of %s section [in module %s]"), + form_name, sect_name, bfd_get_filename (abfd)); + gdb_assert (HOST_CHAR_BIT == 8); + if (sect->buffer[str_offset] == '\0') + return NULL; + return (const char *) (sect->buffer + str_offset); +} + +With sect_size being ginormous, the code attempts to access +sect->buffer[GINORMOUS], and depending on the layout of memory, +GDB either stores a bunch of gibberish strings or crashes. + +This is an attempt to mitigate this by implementing a similar approach +used by BFD. In our case, we simply reject the section with the invalid +length: + +$ ./gdb -nx -q objdump +BFD: warning: /path/to/objdump has a corrupt section with a size (ffffffffffffffff) larger than the file size +Reading symbols from /path/to/objdump... + +warning: Discarding section .debug_str which has a section size (ffffffffffffffff) larger than the file size [in module /path/to/objdump] +DW_FORM_strp used without .debug_str section [in module /path/to/objdump] +(No debugging symbols found in /path/to/objdump) +(gdb) + +Unfortunately, I have not found a way to regression test this, since it +requires poking ELF section headers. 
+
+gdb/ChangeLog:
+2019-10-16 Keith Seitz
+
+ PR gdb/23567
+ * dwarf2read.c (dwarf2_per_objfile::locate_sections): Discard
+ sections whose size is greater than the file size.
+
+Change-Id: I896ac3b4eb2207c54e8e05c16beab3051d9b4b2f
+
+diff --git a/gdb/dwarf2read.c b/gdb/dwarf2read.c
+--- a/gdb/dwarf2read.c
++++ b/gdb/dwarf2read.c
+@@ -2335,6 +2335,15 @@ dwarf2_per_objfile::locate_sections (bfd *abfd, asection *sectp,
+ if ((aflag & SEC_HAS_CONTENTS) == 0)
+ {
+ }
++ else if (elf_section_data (sectp)->this_hdr.sh_size
++ > bfd_get_file_size (abfd))
++ {
++ bfd_size_type size = elf_section_data (sectp)->this_hdr.sh_size;
++ warning (_("Discarding section %s which has a section size (%s"
++ ") larger than the file size [in module %s]"),
++ bfd_section_name (abfd, sectp), phex_nz (size, sizeof (size)),
++ bfd_get_filename (abfd));
++ }
+ else if (section_is_p (sectp->name, &names.info))
+ {
+ this->info.s.section = sectp;
diff --git a/SPECS/gdb.spec b/SPECS/gdb.spec
index eb7ae37..30139f8 100644
--- a/SPECS/gdb.spec
+++ b/SPECS/gdb.spec
@@ -26,7 +26,7 @@ Version: 8.2
 # The release always contains a leading reserved number, start it at 1.
 # `upstream' is not a part of `name' to stay fully rpm dependencies compatible for the testing.
-Release: 6%{?dist}
+Release: 8%{?dist}
 License: GPLv3+ and GPLv3+ with exceptions and GPLv2+ and GPLv2+ with exceptions and GPL+ and LGPLv2+ and LGPLv3+ and BSD and Public Domain and GFDL
 Group: Development/Debuggers
@@ -1034,6 +1034,15 @@ fi
 %endif
 %changelog
+* Tue Oct 22 2019 Keith Seitz - 8.2-8.el8
+- Fix buffer overflow reading sections with invalid sizes
+ (Keith Seitz, RH BZ 1742099)
+
+* Thu Oct 17 2019 Keith Seitz - 8.2-7.el8
+- Fix segfault that happens on parse_macro_definition because
+ debugedit corrupts the .debug_macro section (Sergio Durigan Junior,
+ RH BZ 1708192).
+
 * Wed Apr 3 2019 Keith Seitz 8.2-6.el8
 - Fix yum vs dnf messaging for RHEL8 (RH BZ 1666249):
 Add gdb-rhbz1666249-suggest-yum-instead-of-dnf.pattch
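Review bot: `elf_section_data (sectp)->this_hdr.sh_size` in the new `else if` reads the ELF-specific per-section data unconditionally, but `locate_sections` takes a generic `bfd *abfd, asection *sectp`, and for a non-ELF objfile (PE/COFF, Mach-O) that back pointer refers to a different structure, so the size check itself would read an unrelated struct; this matters unless the caller is ELF-only, which the hunk does not show. Guarding the branch with `bfd_get_flavour (abfd) == bfd_target_elf_flavour &&` before the size comparison keeps the check on ELF input, and reading `this_hdr.sh_size` once into `size` ahead of the comparison avoids the duplicated expression. The new branch only warns and falls through to the end of the chain, so a short comment such as `/* Leave the section unassigned; the DWARF reader then reports it as missing.  */` would make the intended recovery path explicit. `dwarf2_per_objfile::locate_sections` starts and ends outside the hunk.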