diff --git a/SOURCES/mutt-1.5.20-domainname.patch b/SOURCES/mutt-1.5.20-domainname.patch
new file mode 100644
index 0000000..1511b80
--- /dev/null
+++ b/SOURCES/mutt-1.5.20-domainname.patch
@@ -0,0 +1,13 @@
+--- mutt/init.c	2009-12-14 19:24:59.000000000 +0100
++++ mutt/init.c.new	2016-10-19 16:00:26.065999981 +0200
+@@ -2928,9 +2928,8 @@ void mutt_init (int skip_sys_rc, LIST *c
+ #define DOMAIN buffer
+   if (!p && getdnsdomainname (buffer, sizeof (buffer)) == -1)
+     Fqdn = safe_strdup ("@");
+-  else
+ #endif /* DOMAIN */
+-    if (*DOMAIN != '@')
++  if (strlen(DOMAIN) > 0 && *DOMAIN != '@')
+   {
+     Fqdn = safe_malloc (mutt_strlen (DOMAIN) + mutt_strlen (Hostname) + 2);
+     sprintf (Fqdn, "%s.%s", NONULL(Hostname), DOMAIN);	/* __SPRINTF_CHECKED__ */
diff --git a/SOURCES/mutt-1.5.20-system_certs.patch b/SOURCES/mutt-1.5.20-system_certs.patch
new file mode 100644
index 0000000..45f0bd2
--- /dev/null
+++ b/SOURCES/mutt-1.5.20-system_certs.patch
@@ -0,0 +1,12 @@
+diff -rup mutt-17a4f92e4a95-orig/init.h mutt-17a4f92e4a95-new/init.h
+--- mutt-17a4f92e4a95-orig/init.h	2015-06-07 22:59:32.000000000 +0200
++++ mutt-17a4f92e4a95-new/init.h	2015-06-25 15:28:56.095570332 +0200
+@@ -2989,7 +2989,7 @@ struct option_t MuttVars[] = {
+   */
+ #if defined(USE_SSL)
+ #ifdef USE_SSL_GNUTLS
+-  { "ssl_ca_certificates_file", DT_PATH, R_NONE, UL &SslCACertFile, 0 },
++  { "ssl_ca_certificates_file", DT_PATH, R_NONE, UL &SslCACertFile, "/etc/pki/tls/certs/ca-bundle.crt" },
+   /*
+   ** .pp
+   ** This variable specifies a file containing trusted CA certificates.
diff --git a/SPECS/mutt.spec b/SPECS/mutt.spec
index 720a573..cf86494 100644
--- a/SPECS/mutt.spec
+++ b/SPECS/mutt.spec
@@ -16,7 +16,7 @@
 Summary: A text mode mail user agent
 Name: mutt
 Version: 1.5.21
-Release: 26%{?dist}
+Release: 27%{?dist}
 Epoch: 5
 # The entire source code is GPLv2+ except
 # pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain
@@ -42,6 +42,8 @@ Patch16: mutt-1.5.21-verpeers.patch
 Patch17: mutt-1.5.21-manhelp.patch
 Patch18: mutt-1.5.21-tlsv1v2.patch
 Patch19: mutt-1.5.20-cve-2014-0467.patch
+Patch20: mutt-1.5.20-domainname.patch
+Patch21: mutt-1.5.20-system_certs.patch
 Url: http://www.mutt.org/
 Requires: mailcap urlview
 BuildRequires: ncurses-devel
@@ -95,6 +97,8 @@ for selecting groups of messages.
 %patch17 -p1 -b .manhelp
 %patch18 -p1 -b .tlsv1v2
 %patch19 -p1 -b .cve-2014-0467
+%patch20 -p1 -b .domainname
+%patch21 -p1 -b .system_certs
 
 sed -i.gpgerror 's/`$GPGME_CONFIG --libs`/"\0 -lgpg-error"/' configure
 
@@ -181,6 +185,12 @@ ln -sf ./muttrc.5 $RPM_BUILD_ROOT%{_mandir}/man5/muttrc.local.5
 %{_mandir}/man5/muttrc.*
 
 %changelog
+* Mon Feb 27 2017 Matej Muzila <mmuzila@redhat.com> 5:1.5.21-27
+- Resolves #1388511 (System default CA bundle not set as default in compiled-in
+  default or config)
+- Resolves #1388512 (mutt sends e-mail with broken "From" header, which has no
+  host part)
+
 * Fri Mar 14 2014 Jan Pacner <jpacner@redhat.com> - 5:1.5.21-26
 - Resolves: #1075866 (CVE-2014-0467 heap-based buffer overflow when parsing
   certain headers)