diff --git a/SOURCES/net-snmp-5.7.2-SHA-fix.patch b/SOURCES/net-snmp-5.7.2-SHA-fix.patch
new file mode 100644
index 0000000..26a603c
--- /dev/null
+++ b/SOURCES/net-snmp-5.7.2-SHA-fix.patch
@@ -0,0 +1,46 @@
+diff -up net-snmp-5.7.2/configure.d/config_os_libs2.orig net-snmp-5.7.2/configure.d/config_os_libs2
+--- net-snmp-5.7.2/configure.d/config_os_libs2.orig	2019-11-20 14:04:21.531094867 +0100
++++ net-snmp-5.7.2/configure.d/config_os_libs2	2019-11-20 14:05:06.967796642 +0100
+@@ -317,12 +317,12 @@ elif test "x$askedpkcs" = "xyes"; then
+ fi
+ if test "x$TLSPROG" = "xyes"; then
+    AC_CHECK_DECL([EVP_sha224],
+-    : ,
+     AC_DEFINE([HAVE_EVP_SHA224], [], [Define if you have EVP_sha224/256 in openssl]),
++    : ,
+     [[#include <openssl/evp.h>]])
+    AC_CHECK_DECL([EVP_sha384],
+-    : ,
+     AC_DEFINE([HAVE_EVP_SHA384], [], [Define if you have EVP_sha384/256 in openssl]),
++    : ,
+     [[#include <openssl/evp.h>]])
+ fi
+ 
+diff -up net-snmp-5.7.2/configure.orig net-snmp-5.7.2/configure
+--- net-snmp-5.7.2/configure.orig	2019-11-20 15:39:21.930543804 +0100
++++ net-snmp-5.7.2/configure	2019-11-20 15:53:07.936262052 +0100
+@@ -22887,20 +22887,16 @@ if test "x$TLSPROG" = "xyes"; then
+    ac_fn_c_check_decl "$LINENO" "EVP_sha224" "ac_cv_have_decl_EVP_sha224" "#include <openssl/evp.h>
+ "
+ if test "x$ac_cv_have_decl_EVP_sha224" = xyes; then :
+-  :
+-else
+-
+-$as_echo "#define HAVE_EVP_SHA224 /**/" >>confdefs.h
++  $as_echo "#define HAVE_EVP_SHA224 /**/" >>confdefs.h
++else :
+ 
+ fi
+ 
+    ac_fn_c_check_decl "$LINENO" "EVP_sha384" "ac_cv_have_decl_EVP_sha384" "#include <openssl/evp.h>
+ "
+ if test "x$ac_cv_have_decl_EVP_sha384" = xyes; then :
+-  :
+-else
+-
+-$as_echo "#define HAVE_EVP_SHA384 /**/" >>confdefs.h
++  $as_echo "#define HAVE_EVP_SHA384 /**/" >>confdefs.h
++else :
+ 
+ fi
+ 
diff --git a/SOURCES/net-snmp-5.7.2-memory.patch b/SOURCES/net-snmp-5.7.2-memory.patch
index d353e70..2b5864f 100644
--- a/SOURCES/net-snmp-5.7.2-memory.patch
+++ b/SOURCES/net-snmp-5.7.2-memory.patch
@@ -24,24 +24,6 @@ diff -urNp c/agent/mibgroup/hardware/memory/memory_linux.c d/agent/mibgroup/hard
      b = strstr(buff, "SwapFree: ");
      if (b)
          sscanf(b, "SwapFree: %lu", &swapfree);
-@@ -147,7 +154,7 @@ int netsnmp_mem_arch_load( netsnmp_cache
-              mem->descr = strdup("Physical memory");
-         mem->units = 1024;
-         mem->size  = memtotal;
--        mem->free  = memfree;
-+        mem->free  = memfree+buffers+cached+sreclaimable;
-         mem->other = -1;
-     }
- 
-@@ -159,7 +166,7 @@ int netsnmp_mem_arch_load( netsnmp_cache
-              mem->descr = strdup("Virtual memory");
-         mem->units = 1024;
-         mem->size  = memtotal+swaptotal;
--        mem->free  = memfree +swapfree;
-+        mem->free  = memfree+swapfree+buffers+cached+sreclaimable;
-         mem->other = -1;
-     }
- 
 @@ -182,7 +189,7 @@ int netsnmp_mem_arch_load( netsnmp_cache
          if (!mem->descr)
               mem->descr = strdup("Cached memory");
diff --git a/SOURCES/net-snmp-5.7.2-sec-counter.patch b/SOURCES/net-snmp-5.7.2-sec-counter.patch
new file mode 100644
index 0000000..bdb016b
--- /dev/null
+++ b/SOURCES/net-snmp-5.7.2-sec-counter.patch
@@ -0,0 +1,145 @@
+diff -up net-snmp-5.7.2/include/net-snmp/library/snmpusm.h.bz1809076 net-snmp-5.7.2/include/net-snmp/library/snmpusm.h
+--- net-snmp-5.7.2/include/net-snmp/library/snmpusm.h.bz1809076	2020-03-02 14:11:34.000000000 +0100
++++ net-snmp-5.7.2/include/net-snmp/library/snmpusm.h	2020-03-02 14:05:12.000000000 +0100
+@@ -34,6 +34,7 @@ extern          "C" {
+      * Structures.
+      */
+     struct usmStateReference {
++        int             refcnt;
+         char           *usr_name;
+         size_t          usr_name_length;
+         u_char         *usr_engine_id;
+diff -up net-snmp-5.7.2/snmplib/snmp_client.c.bz1809076 net-snmp-5.7.2/snmplib/snmp_client.c
+--- net-snmp-5.7.2/snmplib/snmp_client.c.bz1809076	2020-03-02 14:11:27.000000000 +0100
++++ net-snmp-5.7.2/snmplib/snmp_client.c	2020-03-02 14:03:40.000000000 +0100
+@@ -391,27 +391,16 @@ _clone_pdu_header(netsnmp_pdu *pdu)
+         return NULL;
+     }
+ 
+-    if (pdu != NULL && pdu->securityStateRef &&
+-        pdu->command == SNMP_MSG_TRAP2) {
+-
+-        ret = usm_clone_usmStateReference((struct usmStateReference *) pdu->securityStateRef,
+-                (struct usmStateReference **) &newpdu->securityStateRef );
+-
+-        if (ret)
+-        {
++    sptr = find_sec_mod(newpdu->securityModel);
++    if (sptr && sptr->pdu_clone) {
++        /* call security model if it needs to know about this */
++        ret = sptr->pdu_clone(pdu, newpdu);
++        if (ret) {
+             snmp_free_pdu(newpdu);
+             return 0;
+         }
+     }
+ 
+-    if ((sptr = find_sec_mod(newpdu->securityModel)) != NULL &&
+-        sptr->pdu_clone != NULL) {
+-        /*
+-         * call security model if it needs to know about this 
+-         */
+-        (*sptr->pdu_clone) (pdu, newpdu);
+-    }
+-
+     return newpdu;
+ }
+ 
+diff -up net-snmp-5.7.2/snmplib/snmpusm.c.bz1809076 net-snmp-5.7.2/snmplib/snmpusm.c
+--- net-snmp-5.7.2/snmplib/snmpusm.c.bz1809076	2020-03-02 14:11:20.000000000 +0100
++++ net-snmp-5.7.2/snmplib/snmpusm.c	2020-03-02 14:08:30.000000000 +0100
+@@ -192,43 +192,63 @@ free_enginetime_on_shutdown(int majorid,
+ struct usmStateReference *
+ usm_malloc_usmStateReference(void)
+ {
+-    struct usmStateReference *retval = (struct usmStateReference *)
+-        calloc(1, sizeof(struct usmStateReference));
++    struct usmStateReference *retval;
++
++    retval = calloc(1, sizeof(struct usmStateReference));
++    if (retval)
++        retval->refcnt = 1;
+ 
+     return retval;
+ }                               /* end usm_malloc_usmStateReference() */
+ 
++static int
++usm_clone(netsnmp_pdu *pdu, netsnmp_pdu *new_pdu)
++{
++    struct usmStateReference *ref = pdu->securityStateRef;
++    struct usmStateReference **new_ref =
++        (struct usmStateReference **)&new_pdu->securityStateRef;
++    int ret = 0;
++
++    if (!ref)
++        return ret;
++
++    if (pdu->command == SNMP_MSG_TRAP2) {
++        netsnmp_assert(pdu->securityModel == SNMP_DEFAULT_SECMODEL);
++        ret = usm_clone_usmStateReference(ref, new_ref);
++    } else {
++        netsnmp_assert(ref == *new_ref);
++        ref->refcnt++;
++    }
++
++    return ret;
++}
+ 
+ void
+ usm_free_usmStateReference(void *old)
+ {
+-    struct usmStateReference *old_ref = (struct usmStateReference *) old;
++    struct usmStateReference *ref = old;
+ 
+-    if (old_ref) {
++    if (!ref)
++        return;
+ 
+-        if (old_ref->usr_name_length)
+-            SNMP_FREE(old_ref->usr_name);
+-        if (old_ref->usr_engine_id_length)
+-            SNMP_FREE(old_ref->usr_engine_id);
+-        if (old_ref->usr_auth_protocol_length)
+-            SNMP_FREE(old_ref->usr_auth_protocol);
+-        if (old_ref->usr_priv_protocol_length)
+-            SNMP_FREE(old_ref->usr_priv_protocol);
+-
+-        if (old_ref->usr_auth_key_length && old_ref->usr_auth_key) {
+-            SNMP_ZERO(old_ref->usr_auth_key, old_ref->usr_auth_key_length);
+-            SNMP_FREE(old_ref->usr_auth_key);
+-        }
+-        if (old_ref->usr_priv_key_length && old_ref->usr_priv_key) {
+-            SNMP_ZERO(old_ref->usr_priv_key, old_ref->usr_priv_key_length);
+-            SNMP_FREE(old_ref->usr_priv_key);
+-        }
++    if (--ref->refcnt > 0)
++        return;
+ 
+-        SNMP_ZERO(old_ref, sizeof(*old_ref));
+-        SNMP_FREE(old_ref);
++    SNMP_FREE(ref->usr_name);
++    SNMP_FREE(ref->usr_engine_id);
++    SNMP_FREE(ref->usr_auth_protocol);
++    SNMP_FREE(ref->usr_priv_protocol);
+ 
++    if (ref->usr_auth_key_length && ref->usr_auth_key) {
++        SNMP_ZERO(ref->usr_auth_key, ref->usr_auth_key_length);
++        SNMP_FREE(ref->usr_auth_key);
++    }
++    if (ref->usr_priv_key_length && ref->usr_priv_key) {
++        SNMP_ZERO(ref->usr_priv_key, ref->usr_priv_key_length);
++        SNMP_FREE(ref->usr_priv_key);
+     }
+ 
++    SNMP_FREE(ref);
+ }                               /* end usm_free_usmStateReference() */
+ 
+ struct usmUser *
+@@ -3184,6 +3204,7 @@ init_usm(void)
+     def->encode_reverse = usm_secmod_rgenerate_out_msg;
+     def->encode_forward = usm_secmod_generate_out_msg;
+     def->decode = usm_secmod_process_in_msg;
++    def->pdu_clone = usm_clone;
+     def->pdu_free_state_ref = usm_free_usmStateReference;
+     def->session_setup = usm_session_init;
+     def->handle_report = usm_handle_report;
diff --git a/SPECS/net-snmp.spec b/SPECS/net-snmp.spec
index 0c02dec..e0ecf9e 100644
--- a/SPECS/net-snmp.spec
+++ b/SPECS/net-snmp.spec
@@ -11,7 +11,7 @@
 Summary: A collection of SNMP protocol tools and libraries
 Name: net-snmp
 Version: 5.7.2
-Release: 45%{?dist}
+Release: 48%{?dist}
 Epoch: 1
 
 License: BSD
@@ -120,6 +120,8 @@ Patch84: net-snmp-5.7.2-icmp.patch
 Patch85: net-snmp-5.7.2-pass_common.patch
 Patch86: net-snmp-5.7.2-CVE-2018-18066.patch
 Patch87: net-snmp-5.7.2-counter64.patch
+Patch88: net-snmp-5.7.2-SHA-fix.patch
+Patch89: net-snmp-5.7.2-sec-counter.patch
 
 Requires(post): chkconfig
 Requires(preun): chkconfig
@@ -360,6 +362,8 @@ The net-snmp-sysvinit package provides SysV init scripts for Net-SNMP daemons.
 %patch85 -p1 -b .pass_common
 %patch86 -p1 -b .CVE-2018-18066
 %patch87 -p1 -b .counter64
+%patch88 -p1 -b .SHA-fix
+%patch89 -p1 -b .sec-counter
 
 %ifarch sparc64 s390 s390x
 # disable failing test - see https://bugzilla.redhat.com/show_bug.cgi?id=680697
@@ -655,6 +659,15 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_initrddir}/snmptrapd
 
 %changelog
+* Wed Mar 11 2020 Josef Ridky <jridky@redhat.com> - 1:5.7.2-48
+- fix crash due of double-free of security context (#1809076)
+
+* Mon Dec 09 2019 Josef Ridky <jridky@redhat.com> - 1:5.7.2-47
+- revert calculation of free space (#1779609)
+
+* Mon Dec 02 2019 Josef Ridky <jridky@redhat.com> - 1:5.7.2-46
+- fix sha224 and sha384 declaration check (#1774693)
+
 * Tue Sep 17 2019 Josef Ridky <jridky@redhat.com> - 1:5.7.2-45
 - fix memory leak introduced by fix of snmp v3 traps forwarding (#1751195)