diff --git a/SOURCES/nfs-utils-2.3.3-exportfs-man-labels.patch b/SOURCES/nfs-utils-2.3.3-exportfs-man-labels.patch
new file mode 100644
index 0000000..738fb85
--- /dev/null
+++ b/SOURCES/nfs-utils-2.3.3-exportfs-man-labels.patch
@@ -0,0 +1,50 @@
+commit 7d5dcd2358df55353eed94a0e84b77bb3597634e
+Author: J. Bruce Fields <bfields@redhat.com>
+Date:   Fri Mar 27 13:11:28 2020 -0400
+
+    exports man page: warn about subdirectory exports
+    
+    Subdirectory exports have a number of problems which have been poorly
+    documented.
+    
+    Signed-off-by: J. Bruce Fields <bfields@redhat.com>
+    Signed-off-by: Steve Dickson <steved@redhat.com>
+
+diff --git a/utils/exportfs/exports.man b/utils/exportfs/exports.man
+index e3a16f6b..1d171849 100644
+--- a/utils/exportfs/exports.man
++++ b/utils/exportfs/exports.man
+@@ -494,6 +494,33 @@ export entry for
+ .B /home/joe
+ in the example section below, which maps all requests to uid 150 (which
+ is supposedly that of user joe).
++
++.SS Subdirectory Exports
++
++Normally you should only export only the root of a filesystem.  The NFS
++server will also allow you to export a subdirectory of a filesystem,
++however, this has drawbacks:
++
++First, it may be possible for a malicious user to access files on the
++filesystem outside of the exported subdirectory, by guessing filehandles
++for those other files.  The only way to prevent this is by using the
++.IR no_subtree_check
++option, which can cause other problems.
++
++Second, export options may not be enforced in the way that you would
++expect.  For example, the
++.IR security_label
++option will not work on subdirectory exports, and if nested subdirectory
++exports change the
++.IR security_label
++or
++.IR sec=
++options, NFSv4 clients will normally see only the options on the parent
++export.  Also, where security options differ, a malicious client may use
++filehandle-guessing attacks to access the files from one subdirectory
++using the options from another.
++
++
+ .SS Extra Export Tables
+ After reading 
+ .I /etc/exports 
diff --git a/SOURCES/nfs-utils-2.3.3-nfsdclddb-manpage-rename.patch b/SOURCES/nfs-utils-2.3.3-nfsdclddb-manpage-rename.patch
new file mode 100644
index 0000000..8d7991a
--- /dev/null
+++ b/SOURCES/nfs-utils-2.3.3-nfsdclddb-manpage-rename.patch
@@ -0,0 +1,29 @@
+commit 3e81185037cf97990e4598218f56d92dd70d6269
+Author: NeilBrown <neilb@suse.de>
+Date:   Tue Oct 20 13:19:10 2020 -0400
+
+    clddb-tool was recently renamed to nfsdclddb.
+    Unfortunately the nfsdcld man page wasn't told.
+    
+    Signed-off-by: NeilBrown <neilb@suse.de>
+    Signed-off-by: Steve Dickson <steved@redhat.com>
+
+diff --git a/utils/nfsdcld/nfsdcld.man b/utils/nfsdcld/nfsdcld.man
+index 4c2b1e80..861f1c49 100644
+--- a/utils/nfsdcld/nfsdcld.man
++++ b/utils/nfsdcld/nfsdcld.man
+@@ -209,12 +209,12 @@ not necessary after upgrading \fBnfsdcld\fR, however \fBnfsd\fR will not use a l
+ version until restart.  A restart of \fBnfsd is necessary\fR after downgrading \fBnfsdcld\fR,
+ to ensure that \fBnfsd\fR does not use an upcall version that \fBnfsdcld\fR does not support.
+ Additionally, a downgrade of \fBnfsdcld\fR requires the schema of the on-disk database to
+-be downgraded as well.  That can be accomplished using the \fBclddb-tool\fR(8) utility.
++be downgraded as well.  That can be accomplished using the \fBnfsdclddb\fR(8) utility.
+ .SH FILES
+ .TP
+ .B /var/lib/nfs/nfsdcld/main.sqlite
+ .SH SEE ALSO
+-.BR nfsdcltrack "(8), " clddb-tool (8)
++.BR nfsdcltrack "(8), " nfsdclddb (8)
+ .SH "AUTHORS"
+ .IX Header "AUTHORS"
+ The nfsdcld daemon was developed by Jeff Layton <jlayton@redhat.com>
diff --git a/SOURCES/nfs-utils-2.3.3-nfsiostat-div-zero.patch b/SOURCES/nfs-utils-2.3.3-nfsiostat-div-zero.patch
new file mode 100644
index 0000000..22ffbff
--- /dev/null
+++ b/SOURCES/nfs-utils-2.3.3-nfsiostat-div-zero.patch
@@ -0,0 +1,23 @@
+diff -up nfs-utils-2.3.3/tools/nfs-iostat/nfs-iostat.py.orig nfs-utils-2.3.3/tools/nfs-iostat/nfs-iostat.py
+--- nfs-utils-2.3.3/tools/nfs-iostat/nfs-iostat.py.orig	2020-12-10 10:38:26.462195326 -0500
++++ nfs-utils-2.3.3/tools/nfs-iostat/nfs-iostat.py	2020-12-10 10:45:47.210671473 -0500
+@@ -380,6 +380,8 @@ class DeviceData:
+         sends = float(self.__rpc_data['rpcsends'])
+         if sample_time == 0:
+             sample_time = float(self.__nfs_data['age'])
++        if sample_time == 0:
++            sample_time = 1;
+         return (sends / sample_time)
+ 
+     def display_iostats(self, sample_time, which):
+diff -up nfs-utils-2.3.3/utils/gssd/gssd_proc.c.orig nfs-utils-2.3.3/utils/gssd/gssd_proc.c
+--- nfs-utils-2.3.3/utils/gssd/gssd_proc.c.orig	2018-09-06 14:09:08.000000000 -0400
++++ nfs-utils-2.3.3/utils/gssd/gssd_proc.c	2020-12-10 10:45:47.211671499 -0500
+@@ -682,6 +682,7 @@ process_krb5_upcall(struct clnt_info *cl
+ 	} else {
+ 		get_hostbased_client_buffer(gacceptor, mech, &acceptor);
+ 		gss_release_name(&min_stat, &gacceptor);
++		gss_release_oid(&min_stat, &mech);
+ 	}
+ 
+ 	/*
diff --git a/SOURCES/nfs-utils-2.3.3-nfsiostat-key-error.patch b/SOURCES/nfs-utils-2.3.3-nfsiostat-key-error.patch
new file mode 100644
index 0000000..e628c09
--- /dev/null
+++ b/SOURCES/nfs-utils-2.3.3-nfsiostat-key-error.patch
@@ -0,0 +1,37 @@
+diff -up nfs-utils-2.3.3/tools/mountstats/mountstats.py.orig nfs-utils-2.3.3/tools/mountstats/mountstats.py
+--- nfs-utils-2.3.3/tools/mountstats/mountstats.py.orig	2020-12-10 10:48:17.319579958 -0500
++++ nfs-utils-2.3.3/tools/mountstats/mountstats.py	2020-12-10 10:52:42.481484160 -0500
+@@ -943,10 +943,11 @@ def print_iostat_summary(old, new, devic
+         if not old or device not in old:
+             stats.display_iostats(time)
+         else:
+-            old_stats = DeviceData()
+-            old_stats.parse_stats(old[device])
+-            diff_stats = stats.compare_iostats(old_stats)
+-            diff_stats.display_iostats(time)
++            if ("fstype autofs" not in str(old[device])) and ("fstype autofs" not in str(new[device])):
++                old_stats = DeviceData()
++                old_stats.parse_stats(old[device])
++                diff_stats = stats.compare_iostats(old_stats)
++                diff_stats.display_iostats(time)
+ 
+ def iostat_command(args):
+     """iostat-like command for NFS mount points
+diff -up nfs-utils-2.3.3/tools/nfs-iostat/nfs-iostat.py.orig nfs-utils-2.3.3/tools/nfs-iostat/nfs-iostat.py
+--- nfs-utils-2.3.3/tools/nfs-iostat/nfs-iostat.py.orig	2020-12-10 10:48:17.316579880 -0500
++++ nfs-utils-2.3.3/tools/nfs-iostat/nfs-iostat.py	2020-12-10 10:52:42.481484160 -0500
+@@ -467,10 +467,13 @@ def parse_stats_file(filename):
+ def print_iostat_summary(old, new, devices, time, options):
+     stats = {}
+     diff_stats = {}
++    devicelist = []
+     if old:
+         # Trim device list to only include intersection of old and new data,
+         # this addresses umounts due to autofs mountpoints
+-        devicelist = [x for x in old if x in devices]
++        for device in devices:
++            if "fstype autofs" not in str(old[device]):
++                devicelist.append(device)
+     else:
+         devicelist = devices
+ 
diff --git a/SPECS/nfs-utils.spec b/SPECS/nfs-utils.spec
index 51a888b..8597622 100644
--- a/SPECS/nfs-utils.spec
+++ b/SPECS/nfs-utils.spec
@@ -2,7 +2,7 @@ Summary: NFS utilities and supporting clients and daemons for the kernel NFS ser
 Name: nfs-utils
 URL: http://linux-nfs.org/
 Version: 2.3.3
-Release: 36%{?dist}
+Release: 38%{?dist}
 Epoch: 1
 
 # group all 32bit related archs
@@ -61,6 +61,14 @@ Patch027: nfs-utils-2.3.3-nconnect-manpage.patch
 Patch028: nfs-utils-2.3.3-nfsdclddb-rename.patch
 Patch029: nfs-utils-2.3.3-nfsclnts-cmd.patch
 
+#
+# RHEL 8.3
+#
+Patch030: nfs-utils-2.3.3-exportfs-man-labels.patch
+Patch031: nfs-utils-2.3.3-nfsiostat-div-zero.patch
+Patch032: nfs-utils-2.3.3-nfsiostat-key-error.patch
+Patch033: nfs-utils-2.3.3-nfsdclddb-manpage-rename.patch
+
 Patch100: nfs-utils-1.2.1-statdpath-man.patch
 Patch101: nfs-utils-1.2.1-exp-subtree-warn-off.patch
 Patch102: nfs-utils-2.3.3-idmap-errmsg.patch
@@ -223,8 +231,6 @@ done
 cat /etc/group | cut -d':' -f 1 | grep --quiet rpcuser 2>/dev/null
 if [ "$?" -eq 1 ]; then
     /usr/sbin/groupadd -g %{rpcuser_uid} rpcuser >/dev/null 2>&1 || :
-else
-    /usr/sbin/groupmod -g %{rpcuser_uid} rpcuser >/dev/null 2>&1 || :
 fi
 
 # Create rpcuser uid as long as it does not already exist.
@@ -253,11 +259,6 @@ if [ $? -eq 1 ]; then
 fi
 
 %post
-
-# Enable nfs-convert so if an old configuration 
-# exists a conversion will occur
-/bin/systemctl enable nfs-convert  >/dev/null 2>&1 || :
-
 if [ $1 -eq 1 ] ; then
 	# Initial installation
 	/bin/systemctl enable nfs-client.target >/dev/null 2>&1 || :
@@ -350,6 +351,16 @@ fi
 %{_libdir}/libnfsidmap.so
 
 %changelog
+* Thu Dec 10 2020 Steve Dickson <steved@redhat.com> 2.3.3-38
+- exports man page: warn about subdirectory exports (bz 1652437)
+- Don't modify /etc/group on upgrades (bz 1856881)
+- nfs-iostat: divide by zero with fresh mount (bz 1861823)
+- nfsiostat: Drop autofs entries before calling compare_iostats() (bz 1859130)
+- nfsdclddb: clddb-tool was recently renamed to nfsdclddb (bz 1893599)
+
+* Thu Dec 10 2020 Alice Mitchell <ajmitchell@redhat.com> 2.3.3-37
+- Remove manual enabling of nfs-convert (bz 1683895)
+
 * Fri Oct  9 2020 Alice Mitchell <ajmitchell@redhat.com> 2.3.3-36
 - Fix uninstall warnings (bz 1733170)