diff --git a/SOURCES/nfs-utils-1.2.1-exp-subtree-warn-off.patch b/SOURCES/nfs-utils-1.2.1-exp-subtree-warn-off.patch
index 0ee49bd..4312e18 100644
--- a/SOURCES/nfs-utils-1.2.1-exp-subtree-warn-off.patch
+++ b/SOURCES/nfs-utils-1.2.1-exp-subtree-warn-off.patch
@@ -1,7 +1,7 @@
diff -up nfs-utils-1.3.0/support/nfs/exports.c.orig nfs-utils-1.3.0/support/nfs/exports.c
---- nfs-utils-1.3.0/support/nfs/exports.c.orig 2017-04-27 14:09:49.090353525 -0400
-+++ nfs-utils-1.3.0/support/nfs/exports.c 2017-04-27 14:10:09.083034672 -0400
-@@ -507,7 +507,7 @@ void fix_pseudoflavor_flags(struct expor
+--- nfs-utils-1.3.0/support/nfs/exports.c.orig 2019-03-15 10:40:34.482376658 -0400
++++ nfs-utils-1.3.0/support/nfs/exports.c 2019-03-15 10:41:18.875012753 -0400
+@@ -508,7 +508,7 @@ void fix_pseudoflavor_flags(struct expor
static int
parseopts(char *cp, struct exportent *ep, int warn, int *had_subtree_opt_ptr)
{
diff --git a/SOURCES/nfs-utils-1.3.0-mountd-memleak.patch b/SOURCES/nfs-utils-1.3.0-mountd-memleak.patch
new file mode 100644
index 0000000..bcc8b84
--- /dev/null
+++ b/SOURCES/nfs-utils-1.3.0-mountd-memleak.patch
@@ -0,0 +1,62 @@
+diff -up nfs-utils-1.3.0/support/export/xtab.c.orig nfs-utils-1.3.0/support/export/xtab.c
+--- nfs-utils-1.3.0/support/export/xtab.c.orig 2014-03-25 11:12:07.000000000 -0400
++++ nfs-utils-1.3.0/support/export/xtab.c 2019-05-23 10:38:39.361594392 -0400
+@@ -43,6 +43,14 @@ xtab_read(char *xtab, char *lockfn, int
+ while ((xp = getexportent(is_export==0, 0)) != NULL) {
+ if (!(exp = export_lookup(xp->e_hostname, xp->e_path, is_export != 1)) &&
+ !(exp = export_create(xp, is_export!=1))) {
++ if(xp->e_hostname) {
++ free(xp->e_hostname);
++ xp->e_hostname=NULL;
++ }
++ if(xp->e_uuid) {
++ free(xp->e_uuid);
++ xp->e_uuid=NULL;
++ }
+ continue;
+ }
+ switch (is_export) {
+@@ -58,7 +66,16 @@ xtab_read(char *xtab, char *lockfn, int
+ case 2:
+ exp->m_exported = -1;/* may be exported */
+ break;
+- }
++ }
++ if(xp->e_hostname) {
++ free(xp->e_hostname);
++ xp->e_hostname=NULL;
++ }
++ if(xp->e_uuid) {
++ free(xp->e_uuid);
++ xp->e_uuid=NULL;
++ }
++
+ }
+ endexportent();
+ xfunlock(lockid);
+diff -up nfs-utils-1.3.0/support/nfs/exports.c.orig nfs-utils-1.3.0/support/nfs/exports.c
+--- nfs-utils-1.3.0/support/nfs/exports.c.orig 2019-05-23 10:38:07.558133270 -0400
++++ nfs-utils-1.3.0/support/nfs/exports.c 2019-05-23 10:38:39.362594376 -0400
+@@ -179,9 +179,20 @@ getexportent(int fromkernel, int fromexp
+ xfree(ee.e_hostname);
+ ee.e_hostname = xstrdup(hostname);
+
+- if (parseopts(opt, &ee, fromexports && !has_default_subtree_opts, NULL) < 0)
+- return NULL;
++ if (parseopts(opt, &ee, fromexports && !has_default_subtree_opts, NULL) < 0) {
++ if(ee.e_hostname)
++ {
++ xfree(ee.e_hostname);
++ ee.e_hostname=NULL;
++ }
++ if(ee.e_uuid)
++ {
++ xfree(ee.e_uuid);
++ ee.e_uuid=NULL;
++ }
+
++ return NULL;
++ }
+ /* resolve symlinks */
+ if (realpath(ee.e_path, rpath) != NULL) {
+ rpath[sizeof (rpath) - 1] = '\0';
diff --git a/SOURCES/nfs-utils-1.3.0-nfsconf-manage-gids.patch b/SOURCES/nfs-utils-1.3.0-nfsconf-manage-gids.patch
new file mode 100644
index 0000000..ec6bac0
--- /dev/null
+++ b/SOURCES/nfs-utils-1.3.0-nfsconf-manage-gids.patch
@@ -0,0 +1,12 @@
+diff -up nfs-utils-1.3.0/nfs.conf.orig nfs-utils-1.3.0/nfs.conf
+--- nfs-utils-1.3.0/nfs.conf.orig 2019-03-14 11:50:11.700386471 -0400
++++ nfs-utils-1.3.0/nfs.conf 2019-03-14 14:05:50.077730263 -0400
+@@ -25,7 +25,7 @@
+ #
+ #[mountd]
+ # debug=0
+-# manage_gids=n
++# manage-gids=n
+ # descriptors=0
+ # port=0
+ # threads=1
diff --git a/SOURCES/nfs-utils-1.3.0-smnotify-f-flag.patch b/SOURCES/nfs-utils-1.3.0-smnotify-f-flag.patch
new file mode 100644
index 0000000..a68afdb
--- /dev/null
+++ b/SOURCES/nfs-utils-1.3.0-smnotify-f-flag.patch
@@ -0,0 +1,151 @@
+diff --git a/nfs.conf b/nfs.conf
+index 118f638..ea8204b 100644
+--- a/nfs.conf
++++ b/nfs.conf
+@@ -9,6 +9,8 @@
+ # debug=0
+ #
+ #[gssd]
++# verbosity=0
++# rpc-verbosity=0
+ # use-memcache=0
+ # use-machine-creds=1
+ # avoid-dns=1
+@@ -64,6 +66,7 @@
+ #
+ #[sm-notify]
+ # debug=0
++# force=0
+ # retry-time=900
+ # outgoing-port=
+ # outgoing-addr=
+diff --git a/systemd/nfs.conf.man b/systemd/nfs.conf.man
+index 9700586..0953b80 100644
+--- a/systemd/nfs.conf.man
++++ b/systemd/nfs.conf.man
+@@ -204,6 +204,8 @@ for details.
+ .TP
+ .B gssd
+ Recognized values:
++.BR verbosity ,
++.BR rpc-verbosity ,
+ .BR use-memcache ,
+ .BR use-machine-creds ,
+ .BR avoid-dns ,
+diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
+index 10d50d3..05defb4 100644
+--- a/utils/gssd/gssd.c
++++ b/utils/gssd/gssd.c
+@@ -889,6 +889,9 @@ main(int argc, char *argv[])
+
+ read_gss_conf();
+
++ verbosity = conf_get_num("gssd", "verbosity", verbosity);
++ rpc_verbosity = conf_get_num("gssd", "rpc-verbosity", rpc_verbosity);
++
+ while ((opt = getopt(argc, argv, "DfvrlmnMp:k:d:t:T:R:")) != -1) {
+ switch (opt) {
+ case 'f':
+diff --git a/utils/gssd/svcgssd.c b/utils/gssd/svcgssd.c
+index 1fb579a..9d3ca40 100644
+--- a/utils/gssd/svcgssd.c
++++ b/utils/gssd/svcgssd.c
+@@ -113,6 +113,10 @@ main(int argc, char *argv[])
+ else
+ principal = s;
+
++ verbosity = conf_get_num("svcgssd", "Verbosity", verbosity);
++ rpc_verbosity = conf_get_num("svcgssd", "RPC-Verbosity", rpc_verbosity);
++ idmap_verbosity = conf_get_num("svcgssd", "IDMAP-Verbosity", idmap_verbosity);
++
+ while ((opt = getopt(argc, argv, "fivrnp:")) != -1) {
+ switch (opt) {
+ case 'f':
+diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c
+index 03efbea..9317fd7 100644
+--- a/utils/idmapd/idmapd.c
++++ b/utils/idmapd/idmapd.c
+@@ -263,6 +263,10 @@ main(int argc, char **argv)
+ strlcpy(pipefsdir, xpipefsdir, sizeof(pipefsdir));
+ CONF_SAVE(nobodyuser, conf_get_str("Mapping", "Nobody-User"));
+ CONF_SAVE(nobodygroup, conf_get_str("Mapping", "Nobody-Group"));
++ if (conf_get_bool("General", "server-only", false))
++ clientstart = 0;
++ if (conf_get_bool("General", "client-only", false))
++ serverstart = 0;
+ }
+ } else {
+ conf_path = NFS_CONFFILE;
+@@ -278,6 +282,10 @@ main(int argc, char **argv)
+ "cache-expiration", DEFAULT_IDMAP_CACHE_EXPIRY);
+ CONF_SAVE(nobodyuser, conf_get_str("Mapping", "Nobody-User"));
+ CONF_SAVE(nobodygroup, conf_get_str("Mapping", "Nobody-Group"));
++ if (conf_get_bool("General", "server-only", false))
++ clientstart = 0;
++ if (conf_get_bool("General", "client-only", false))
++ serverstart = 0;
+ }
+
+ while ((opt = getopt(argc, argv, GETOPTSTR)) != -1)
+diff --git a/utils/statd/sm-notify.c b/utils/statd/sm-notify.c
+index cc4d425..248b950 100644
+--- a/utils/statd/sm-notify.c
++++ b/utils/statd/sm-notify.c
+@@ -46,6 +46,7 @@
+ #define NLM_END_GRACE_FILE "/proc/fs/lockd/nlm_end_grace"
+
+ int lift_grace = 1;
++int force = 0;
+
+ struct nsm_host {
+ struct nsm_host * next;
+@@ -477,13 +478,30 @@ nsm_lift_grace_period(void)
+ close(fd);
+ return;
+ }
++inline static void
++read_nfsconf(char **argv)
++{
++ char *s;
++
++ conf_init();
++ xlog_from_conffile("sm-notify");
++ opt_max_retry = conf_get_num("sm-notify", "retry-time", opt_max_retry / 60) * 60;
++ opt_srcport = conf_get_str("sm-notify", "outgoing-port");
++ opt_srcaddr = conf_get_str("sm-notify", "outgoing-addr");
++ lift_grace = conf_get_bool("sm-notify", "lift-grace", lift_grace);
++
++ s = conf_get_str("statd", "state-directory-path");
++ if (s && !nsm_setup_pathnames(argv[0], s))
++ exit(1);
++ opt_update_state = conf_get_bool("sm-notify", "update-state", opt_update_state);
++ force = conf_get_bool("sm-notify", "force", force);
++}
+
+ int
+ main(int argc, char **argv)
+ {
+- int c, sock, force = 0;
++ int c, sock;
+ char * progname;
+- char * s;
+
+ progname = strrchr(argv[0], '/');
+ if (progname != NULL)
+@@ -491,15 +509,7 @@ main(int argc, char **argv)
+ else
+ progname = argv[0];
+
+- conf_init();
+- xlog_from_conffile("sm-notify");
+- opt_max_retry = conf_get_num("sm-notify", "retry-time", opt_max_retry / 60) * 60;
+- opt_srcport = conf_get_str("sm-notify", "outgoing-port");
+- opt_srcaddr = conf_get_str("sm-notify", "outgoing-addr");
+- lift_grace = conf_get_bool("sm-notify", "lift-grace", lift_grace);
+- s = conf_get_str("statd", "state-directory-path");
+- if (s && !nsm_setup_pathnames(argv[0], s))
+- exit(1);
++ read_nfsconf(argv);
+
+ while ((c = getopt(argc, argv, "dm:np:v:P:f")) != -1) {
+ switch (c) {
diff --git a/SOURCES/nfs-utils-1.3.0-statd-no-notify.patch b/SOURCES/nfs-utils-1.3.0-statd-no-notify.patch
new file mode 100644
index 0000000..fb7863b
--- /dev/null
+++ b/SOURCES/nfs-utils-1.3.0-statd-no-notify.patch
@@ -0,0 +1,102 @@
+diff -up nfs-utils-1.3.0/nfs.conf.orig nfs-utils-1.3.0/nfs.conf
+--- nfs-utils-1.3.0/nfs.conf.orig 2019-03-15 11:06:31.295217191 -0400
++++ nfs-utils-1.3.0/nfs.conf 2019-03-15 11:07:37.178172631 -0400
+@@ -63,6 +63,7 @@
+ # name=
+ # state-directory-path=/var/lib/nfs/statd
+ # ha-callout=
++# no-notify=0
+ #
+ #[sm-notify]
+ # debug=0
+diff -up nfs-utils-1.3.0/utils/statd/statd.c.orig nfs-utils-1.3.0/utils/statd/statd.c
+--- nfs-utils-1.3.0/utils/statd/statd.c.orig 2019-03-15 11:06:31.244216452 -0400
++++ nfs-utils-1.3.0/utils/statd/statd.c 2019-03-15 11:15:33.950086819 -0400
+@@ -226,7 +226,8 @@ static void set_nlm_port(char *type, int
+ fd = open(pathbuf, O_WRONLY);
+ if (fd < 0 && errno == ENOENT) {
+ /* probably module not loaded */
+- system("modprobe lockd");
++ if (system("modprobe lockd"))
++ {/* ignore return value */}
+ fd = open(pathbuf, O_WRONLY);
+ }
+ if (fd >= 0) {
+@@ -237,6 +238,39 @@ static void set_nlm_port(char *type, int
+ } else
+ fprintf(stderr, "%s: failed to open %s: %m\n", name_p, pathbuf);
+ }
++int port = 0, out_port = 0;
++int nlm_udp = 0, nlm_tcp = 0;
++
++inline static void
++read_nfsconf(char **argv)
++{
++ char *s;
++
++ conf_init();
++ xlog_from_conffile("statd");
++
++ out_port = conf_get_num("statd", "outgoing-port", out_port);
++ port = conf_get_num("statd", "port", port);
++
++ MY_NAME = conf_get_str("statd", "name");
++ if (MY_NAME)
++ run_mode |= STATIC_HOSTNAME;
++
++ s = conf_get_str("statd", "state-directory-path");
++ if (s && !nsm_setup_pathnames(argv[0], s))
++ exit(1);
++
++ s = conf_get_str("statd", "ha-callout");
++ if (s)
++ ha_callout_prog = s;
++
++ nlm_tcp = conf_get_num("lockd", "port", nlm_tcp);
++ /* udp defaults to the same as tcp ! */
++ nlm_udp = conf_get_num("lockd", "udp-port", nlm_tcp);
++
++ if (conf_get_bool("statd", "no-notify", false))
++ run_mode |= MODE_NO_NOTIFY;
++}
+
+ /*
+ * Entry routine/main loop.
+@@ -244,11 +278,8 @@ static void set_nlm_port(char *type, int
+ int main (int argc, char **argv)
+ {
+ extern char *optarg;
+- char *s;
+ int pid;
+ int arg;
+- int port = 0, out_port = 0;
+- int nlm_udp = 0, nlm_tcp = 0;
+ struct rlimit rlim;
+ char *env;
+
+@@ -273,23 +304,8 @@ int main (int argc, char **argv)
+ /* Set hostname */
+ MY_NAME = NULL;
+
+- conf_init();
+- xlog_from_conffile("statd");
+- out_port = conf_get_num("statd", "outgoing-port", out_port);
+- port = conf_get_num("statd", "port", port);
+- MY_NAME = conf_get_str("statd", "name");
+- if (MY_NAME)
+- run_mode |= STATIC_HOSTNAME;
+- s = conf_get_str("statd", "state-directory-path");
+- if (s && !nsm_setup_pathnames(argv[0], s))
+- exit(1);
+- s = conf_get_str("statd", "ha-callout");
+- if (s)
+- ha_callout_prog = s;
+-
+- nlm_tcp = conf_get_num("lockd", "port", nlm_tcp);
+- /* udp defaults to the same as tcp ! */
+- nlm_udp = conf_get_num("lockd", "udp-port", nlm_tcp);
++ /* Read nfs.conf */
++ read_nfsconf(argv);
+
+ /* Process command line switches */
+ while ((arg = getopt_long(argc, argv, "h?vVFNH:dn:p:o:P:LT:U:", longopts, NULL)) != EOF) {
diff --git a/SOURCES/nfs-utils-1.3.0-statd-useaafter.patch b/SOURCES/nfs-utils-1.3.0-statd-useaafter.patch
new file mode 100644
index 0000000..dac4c44
--- /dev/null
+++ b/SOURCES/nfs-utils-1.3.0-statd-useaafter.patch
@@ -0,0 +1,27 @@
+commit 86604e2bd536ea48832dd0bf3d95b15de4de2733
+Author: Steve Dickson <steved@redhat.com>
+Date: Thu Sep 6 10:22:11 2018 -0400
+
+ statd: fix use-after-free in monitor list if insertion fails
+
+ If nsm_insert_monitored_host() fails while saving the record to
+ stable storage, we can't just assume the entry was new. Existing
+ records must be removed from the list before being freed.
+
+ Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
+ Signed-off-by: Frank Sorenson <sorenson@redhat.com>
+ Signed-off-by: Steve Dickson <steved@redhat.com>
+
+diff --git a/utils/statd/monitor.c b/utils/statd/monitor.c
+index 45c4346..9400048 100644
+--- a/utils/statd/monitor.c
++++ b/utils/statd/monitor.c
+@@ -197,7 +197,7 @@ sm_mon_1_svc(struct mon *argp, struct svc_req *rqstp)
+
+ if (!nsm_insert_monitored_host(dnsname,
+ (struct sockaddr *)(char *)&my_addr, argp)) {
+- nlist_free(NULL, clnt);
++ nlist_free(existing ? &rtnl : NULL, clnt);
+ goto failure;
+ }
+
diff --git a/SOURCES/nfs-utils-1.3.0-systemd-gssproxy-restart.patch b/SOURCES/nfs-utils-1.3.0-systemd-gssproxy-restart.patch
index 498e50a..d8e4285 100644
--- a/SOURCES/nfs-utils-1.3.0-systemd-gssproxy-restart.patch
+++ b/SOURCES/nfs-utils-1.3.0-systemd-gssproxy-restart.patch
@@ -7,7 +7,7 @@ diff -up nfs-utils-1.3.0/systemd/nfs-server.service.orig nfs-utils-1.3.0/systemd
ExecStartPre=-/usr/sbin/exportfs -r
-ExecStartPre=-/bin/sh -c '/bin/kill -HUP `cat /run/gssproxy.pid`'
ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS
-+ExecStartPost=-/bin/sh -c 'if systemctl -q is-active gssproxy; then systemctl restart gssproxy ; fi'
++ExecStartPost=-/bin/sh -c 'if systemctl -q is-active gssproxy; then systemctl reload gssproxy ; fi'
ExecStop=/usr/sbin/rpc.nfsd 0
ExecStopPost=/usr/sbin/exportfs -au
ExecStopPost=/usr/sbin/exportfs -f
diff --git a/SPECS/nfs-utils.spec b/SPECS/nfs-utils.spec
index c58e8ec..41d1782 100644
--- a/SPECS/nfs-utils.spec
+++ b/SPECS/nfs-utils.spec
@@ -2,7 +2,7 @@ Summary: NFS utilities and supporting clients and daemons for the kernel NFS ser
Name: nfs-utils
URL: http://sourceforge.net/projects/nfs
Version: 1.3.0
-Release: 0.61%{?dist}
+Release: 0.65%{?dist}
Epoch: 1
# group all 32bit related archs
@@ -153,6 +153,14 @@ Patch116: nfs-utils-1.3.0-systemd-nfs-man.patch
Patch117: nfs-utils-1.3.0-mount-clientaddr.patch
Patch118: nfs-utils-1.3.0-mount-turnoffv4.patch
Patch119: nfs-utils-1.3.0-nfsconf-disable-v4.patch
+#
+# RHEL7.7
+#
+Patch120: nfs-utils-1.3.0-statd-useaafter.patch
+Patch121: nfs-utils-1.3.0-nfsconf-manage-gids.patch
+Patch122: nfs-utils-1.3.0-smnotify-f-flag.patch
+Patch123: nfs-utils-1.3.0-statd-no-notify.patch
+Patch124: nfs-utils-1.3.0-mountd-memleak.patch
Patch1000: nfs-utils-1.2.1-statdpath-man.patch
Patch1001: nfs-utils-1.2.1-exp-subtree-warn-off.patch
@@ -448,6 +456,16 @@ This package also contains the mount.nfs and umount.nfs program.
%patch118 -p1
# 1625032 - [nfsd] fail to disable major NFS version 4 using "vers4=n"...
%patch119 -p1
+# 1624542 - Fix use-after-free in rpc.statd monitor list when insertion...
+%patch120 -p1
+# 1677403 - nfs.conf: manage-gids option typo
+%patch121 -p1
+# 1688932 - sm-notify: add flag "-f" to nfs.conf parsing (RHEL7)
+%patch122 -p1
+# 1688918 - nfsserver: fix option --no-notify not recognized
+%patch123 -p1
+# 1711210 - rpc.mountd leaks memory
+%patch124 -p1
%patch1000 -p1
%patch1001 -p1
@@ -700,6 +718,21 @@ fi
/sbin/umount.nfs4
%changelog
+* Thu May 23 2019 Steve Dickson <steved@redhat.com> 1.3.0-0.65
+- Fixed typo of mountd-memleak.patch not being applied (bz 1711210)
+
+* Thu May 23 2019 Steve Dickson <steved@redhat.com> 1.3.0-0.64
+- rpc.mountd: Fix e_hostname and e_uuid leaks (bz 1711210)
+
+* Fri Mar 15 2019 Steve Dickson <steved@redhat.com> 1.3.0-0.63
+- nfs.conf: Fixed manage-gids option typo (bz 1677403)
+- sm-notify: Added -f flag to nfs.conf parsing (bz 1688932)
+- Add nfs.conf equivalent for the statd --no-notify cmdline option (bz 1688918)
+- nfs-server: Use reload not restart to start gssproxy (bz 1644169)
+
+* Mon Feb 11 2019 Steve Dickson <steved@redhat.com> 1.3.0-0.62
+- statd: fix use-after-free in monitor list if insertion fails (bz 1624542)
+
* Wed Sep 26 2018 Steve Dickson <steved@redhat.com> 1.3.0-0.61
- nfs.conf: fail to disable major NFS version 4 using "vers4=n" (bz 1625032)