diff --git a/SOURCES/ksh-20120801-assoc-unset-leak.patch b/SOURCES/ksh-20120801-assoc-unset-leak.patch
new file mode 100644
index 0000000..1af7d16
--- /dev/null
+++ b/SOURCES/ksh-20120801-assoc-unset-leak.patch
@@ -0,0 +1,20 @@
+diff -up ksh-20120801/src/cmd/ksh93/sh/name.c.orig ksh-20120801/src/cmd/ksh93/sh/name.c
+--- ksh-20120801/src/cmd/ksh93/sh/name.c.orig	2015-02-10 17:15:37.180783550 -0200
++++ ksh-20120801/src/cmd/ksh93/sh/name.c	2015-02-10 18:25:51.726228437 -0200
+@@ -1298,7 +1298,16 @@ void nv_delete(Namval_t* np, Dt_t *root,
+ 		if(dtdelete(root,np))
+ 		{
+ 			if(!(flags&NV_NOFREE) && ((flags&NV_FUNCTION) || !nv_subsaved(np,flags&NV_TABLE)))
++			{
++				Namarr_t	*ap;
++				if(nv_isarray(np) && np->nvfun && (ap=nv_arrayptr(np)) && array_assoc(ap)) {
++					while(nv_associative(np,0,NV_ANEXT))
++						nv_associative(np, 0, NV_ADELETE);
++					nv_associative(np, 0, NV_AFREE);
++					free((void*)np->nvfun);
++				}
+ 				free((void*)np);
++			}
+ 		}
+ #if 0
+ 		else
diff --git a/SOURCES/ksh-20120801-badgcc.patch b/SOURCES/ksh-20120801-badgcc.patch
new file mode 100644
index 0000000..cd26316
--- /dev/null
+++ b/SOURCES/ksh-20120801-badgcc.patch
@@ -0,0 +1,22 @@
+diff -up ksh-20120801/src/lib/libast/string/strdup.c.badgcc ksh-20120801/src/lib/libast/string/strdup.c
+--- ksh-20120801/src/lib/libast/string/strdup.c.badgcc	2012-05-21 15:04:46.000000000 +0200
++++ ksh-20120801/src/lib/libast/string/strdup.c	2015-06-17 10:12:52.693922581 +0200
+@@ -50,11 +50,18 @@ __STDPP__directive pragma pp:nohide strd
+ #define extern	__EXPORT__
+ #endif
+ 
++#pragma GCC push_options
++#pragma GCC optimize ("O0")
++
++
+ extern char*
+ strdup(register const char* s)
+ {
+ 	register char*	t;
+ 	register int	n;
+ 
+ 	return (s && (t = oldof(0, char, n = strlen(s) + 1, 0))) ? (char*)memcpy(t, s, n) : (char*)0;
+ }
++
++#pragma GCC pop_options
++
diff --git a/SOURCES/ksh-20120801-dotdoublefree.patch b/SOURCES/ksh-20120801-dotdoublefree.patch
new file mode 100644
index 0000000..bf29cb1
--- /dev/null
+++ b/SOURCES/ksh-20120801-dotdoublefree.patch
@@ -0,0 +1,19 @@
+diff --git a/src/cmd/ksh93/sh/xec.c b/src/cmd/ksh93/sh/xec.c
+index 1ba7347..ab745d4 100644
+--- a/src/cmd/ksh93/sh/xec.c
++++ b/src/cmd/ksh93/sh/xec.c
+@@ -640,7 +640,11 @@ int sh_eval(register Sfio_t *iop, int mode)
+ 	if(lineno)
+ 		shp->inlineno = lineno;
+ 	if(io_save)
++	{
+ 		sfclose(io_save);
++		io_save = 0;
++	}
++
+ 	sh_freeup(shp);
+ 	shp->st.staklist = saveslp;
+ 	shp->fn_reset = 0;
+-- 
+2.9.3
+
diff --git a/SOURCES/ksh-20120801-mb-after-argvar.patch b/SOURCES/ksh-20120801-mb-after-argvar.patch
new file mode 100644
index 0000000..1b71a57
--- /dev/null
+++ b/SOURCES/ksh-20120801-mb-after-argvar.patch
@@ -0,0 +1,15 @@
+diff -up ksh-20120801/src/cmd/ksh93/sh/macro.c.orig ksh-20120801/src/cmd/ksh93/sh/macro.c
+--- ksh-20120801/src/cmd/ksh93/sh/macro.c.orig	2015-08-24 14:29:58.602967855 -0300
++++ ksh-20120801/src/cmd/ksh93/sh/macro.c	2015-08-24 14:31:13.682850008 -0300
+@@ -1479,7 +1479,10 @@ retry1:
+ 	    default:
+ 		goto nosub;
+ 	}
+-	c = fcmbget(&LEN);
++	if(type)
++		c = fcmbget(&LEN);
++	else
++		c = fcget();
+ 	if(type>M_TREE)
+ 	{
+ 		if(c!=RBRACE)
diff --git a/SOURCES/ksh-20120801-subshell-leak.patch b/SOURCES/ksh-20120801-subshell-leak.patch
new file mode 100644
index 0000000..24c7f6b
--- /dev/null
+++ b/SOURCES/ksh-20120801-subshell-leak.patch
@@ -0,0 +1,20 @@
+diff --git a/src/cmd/ksh93/sh/path.c b/src/cmd/ksh93/sh/path.c
+index d723987..9965bf5 100644
+--- a/src/cmd/ksh93/sh/path.c
++++ b/src/cmd/ksh93/sh/path.c
+@@ -1791,8 +1791,12 @@ void path_alias(register Namval_t *np,register Pathcomp_t *pp)
+ 	{
+ 		struct stat statb;
+ 		char *sp;
++		Pathcomp_t *old = 0;
+ 		nv_offattr(np,NV_NOPRINT);
+ 		nv_stack(np,&talias_init);
++		old = (Pathcomp_t*)np->nvalue.cp;
++		if (old && (--old->refcount <= 0))
++			free((void*)old);
+ 		np->nvalue.cp = (char*)pp;
+ 		pp->refcount++;
+ 		nv_setattr(np,NV_TAGGED|NV_NOFREE);
+-- 
+2.9.3
+
diff --git a/SOURCES/ksh-20120801-typeset.patch b/SOURCES/ksh-20120801-typeset.patch
new file mode 100644
index 0000000..03b56b8
--- /dev/null
+++ b/SOURCES/ksh-20120801-typeset.patch
@@ -0,0 +1,16 @@
+diff --git a/src/cmd/ksh93/bltins/typeset.c b/src/cmd/ksh93/bltins/typeset.c
+index 15fcd58..8939011 100644
+--- a/src/cmd/ksh93/bltins/typeset.c
++++ b/src/cmd/ksh93/bltins/typeset.c
+@@ -1442,7 +1442,7 @@ static void print_scan(Sfio_t *file, int flag, Dt_t *root, int option,struct tda
+ 		tp->scanmask |= (NV_DOUBLE|NV_EXPNOTE);
+ 	if(flag==NV_LTOU || flag==NV_UTOL)
+ 		tp->scanmask |= NV_UTOL|NV_LTOU;
+-	namec = nv_scan(root,nullscan,(void*)tp,tp->scanmask,flag);
++	namec = nv_scan(root,nullscan,(void*)tp,tp->scanmask,flag&~NV_IARRAY);
+ 	argv = tp->argnam  = (char**)stkalloc(tp->sh->stk,(namec+1)*sizeof(char*));
+ 	namec = nv_scan(root, pushname, (void*)tp, tp->scanmask, flag&~NV_IARRAY);
+ 	if(mbcoll())
+-- 
+2.9.3
+
diff --git a/SOURCES/ksh-20120801-unset-param.patch b/SOURCES/ksh-20120801-unset-param.patch
new file mode 100644
index 0000000..7777270
--- /dev/null
+++ b/SOURCES/ksh-20120801-unset-param.patch
@@ -0,0 +1,17 @@
+diff -up ksh-20120801/src/cmd/ksh93/sh/macro.c.bz1222025 ksh-20120801/src/cmd/ksh93/sh/macro.c
+--- ksh-20120801/src/cmd/ksh93/sh/macro.c.bz1222025	2015-09-15 17:28:47.304722569 +0200
++++ ksh-20120801/src/cmd/ksh93/sh/macro.c	2015-09-17 17:49:46.842891942 +0200
+@@ -1195,6 +1195,13 @@ retry1:
+ 		}
+ 		else
+ 			v = 0;
++		if(!v && sh_isoption(SH_NOUNSET))
++		{
++			d=fcget();
++			fcseek(-1);
++			if(!(d && strchr(":+-?=",d)))
++				errormsg(SH_DICT,ERROR_exit(1),e_notset,ltos(c));
++		}
+ 		break;
+ 	    case S_ALP:
+ 		if(c=='.' && type==0)
diff --git a/SPECS/ksh.spec b/SPECS/ksh.spec
index 1e44b79..df1c202 100644
--- a/SPECS/ksh.spec
+++ b/SPECS/ksh.spec
@@ -8,7 +8,7 @@ Group:        System Environment/Shells
 #CPL everywhere else (for KSH itself)
 License:      EPL
 Version:      20120801
-Release:      26%{?dist}
+Release:      34%{?dist}
 Source0:      http://www.research.att.com/~gsf/download/tgz/ast-ksh.%{releasedate}.tgz
 Source1:      http://www.research.att.com/~gsf/download/tgz/INIT.%{releasedate}.tgz
 Source2:      kshcomp.conf
@@ -156,6 +156,27 @@ Patch66: ksh-20120801-oldenvinit.patch
 # from upsteam, for ksh < 2012-10-04, rhbz#1193557
 Patch67: ksh-20120801-emptyarrayinit.patch
 
+# not upstream yet, rhbz#1371630
+Patch68: ksh-20120801-typeset.patch
+
+# not upstream yet, rhbz#1321443
+Patch69: ksh-20120801-dotdoublefree.patch
+
+# not upstream yet, rhbz#1405784
+Patch70: ksh-20120801-subshell-leak.patch
+
+# rhbz#1189297
+Patch71: ksh-20120801-assoc-unset-leak.patch
+
+# rhbz#1222025
+Patch72: ksh-20120801-unset-param.patch
+
+# rhbz#1269088
+Patch73: ksh-20120801-badgcc.patch
+
+# rhbz#1299484
+Patch74: ksh-20120801-mb-after-argvar.patch
+
 BuildRoot:    %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Conflicts:    pdksh
 Requires: coreutils, diffutils, chkconfig
@@ -222,6 +243,13 @@ with "sh" (the Bourne Shell).
 %patch65 -p1 -b .parserfix
 %patch66 -p1 -b .oldenvinit
 %patch67 -p1 -b .emptyarrayinit
+%patch68 -p1 -b .typeset_a
+%patch69 -p1 -b .dotdoublefree
+%patch70 -p1 -b .subshell-leak
+%patch71 -p1 -b .assoc-unset-leak
+%patch72 -p1 -b .unset-param
+%patch73 -p1 -b .badgcc
+%patch74 -p1 -b .mb-after-argvar
 
 #/dev/fd test does not work because of mock
 sed -i 's|ls /dev/fd|ls /proc/self/fd|' src/cmd/ksh93/features/options
@@ -347,6 +375,38 @@ fi
     rm -rf $RPM_BUILD_ROOT
 
 %changelog
+* Fri Feb 10 2017 Siteshwar Vashisht <svashisht@redhat.com> - 20120801-34
+- Multibyte character string after $1-9 was not expanded correctly
+  Resolves: #1299484
+
+* Fri Feb 10 2017 Siteshwar Vashisht <svashisht@redhat.com> - 20120801-33
+- Prevent null-test optimization in strdup
+  Resolves: #1269088
+
+* Fri Feb 10 2017 Siteshwar Vashisht <svashisht@redhat.com> - 20120801-32
+- Treat unset parameters as error
+  Resolves: #1222025
+
+* Fri Feb 10 2017 Siteshwar Vashisht <svashisht@redhat.com> - 20120801-31
+- Fix a memory leak on unset of associative array
+  Resolves: #1189297
+
+* Fri Feb 10 2017 Siteshwar Vashisht <svashisht@redhat.com> - 20120801-30
+- Fix a memory leak in subshell when PATH is set
+  Resolves: #1405784
+
+* Fri Feb 10 2017 Siteshwar Vashisht <svashisht@redhat.com> - 20120801-29
+- Fix a crash during clean up after sourcing multiple files
+  Resolves: #1321443
+
+* Fri Feb 10 2017 Siteshwar Vashisht <svashisht@redhat.com> - 20120801-28
+- Fix a bug in memory allocation while listing indexed arrays with typeset
+  Resolves: #1371630
+
+* Fri Feb 10 2017 Siteshwar Vashisht <svashisht@redhat.com> - 20120801-27
+- bump release
+  Resolves: #1391931
+
 * Tue Apr 26 2016 Michal Hlavinka <mhlavink@redhat.com> - 20120801-26
 - closing a file descriptor in a command substitution caused loss of the output (#1202439)
 - fix: in a login shell "( cmd & )" does nothing (#1217237)