diff --git a/SOURCES/pki-core-rhel-7-9-rhcs-9-7-bu-15.patch b/SOURCES/pki-core-rhel-7-9-rhcs-9-7-bu-15.patch
new file mode 100644
index 0000000..c453eff
--- /dev/null
+++ b/SOURCES/pki-core-rhel-7-9-rhcs-9-7-bu-15.patch
@@ -0,0 +1,128 @@
+From 1423cf8b1e7a79ed42632e6fc462b7671833a18b Mon Sep 17 00:00:00 2001
+From: Christina Fu <cfu@redhat.com>
+Date: Tue, 12 Apr 2022 15:17:06 -0700
+Subject: [PATCH] Bug2074722-p12 password
+
+This patch comments out lines where auditContext is printed in debug
+log.
+
+fixes https://bugzilla.redhat.com/show_bug.cgi?id=2074722
+---
+ base/server/cms/src/com/netscape/cms/servlet/base/CMSServlet.java     | 4 ++--
+ .../cms/src/com/netscape/cms/servlet/processors/CAProcessor.java      | 4 ++--
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/base/server/cms/src/com/netscape/cms/servlet/base/CMSServlet.java b/base/server/cms/src/com/netscape/cms/servlet/base/CMSServlet.java
+index 854d656..77296d9 100644
+--- a/base/server/cms/src/com/netscape/cms/servlet/base/CMSServlet.java
++++ b/base/server/cms/src/com/netscape/cms/servlet/base/CMSServlet.java
+@@ -2031,7 +2031,7 @@ public abstract class CMSServlet extends HttpServlet {
+         // Initialize subjectID
+         SessionContext auditContext = SessionContext.getExistingContext();
+ 
+-        CMS.debug("CMSServlet: auditSubjectID auditContext " + auditContext);
++        //CMS.debug("CMSServlet: auditSubjectID auditContext " + auditContext);
+         if (auditContext != null) {
+             subjectID = (String)
+                     auditContext.get(SessionContext.USER_ID);
+@@ -2067,7 +2067,7 @@ public abstract class CMSServlet extends HttpServlet {
+         // Initialize groupID
+         SessionContext auditContext = SessionContext.getExistingContext();
+ 
+-        CMS.debug("CMSServlet: auditGroupID auditContext " + auditContext);
++        //CMS.debug("CMSServlet: auditGroupID auditContext " + auditContext);
+         if (auditContext != null) {
+             groupID = (String)
+                     auditContext.get(SessionContext.GROUP_ID);
+diff --git a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java
+index f732c4d..ebbc7ab 100644
+--- a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java
++++ b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java
+@@ -892,7 +892,7 @@ public class CAProcessor extends Processor {
+         // Initialize subjectID
+         SessionContext auditContext = SessionContext.getExistingContext();
+ 
+-        CMS.debug("CMSServlet: auditSubjectID auditContext " + auditContext);
++        //CMS.debug("CMSServlet: auditSubjectID auditContext " + auditContext);
+         if (auditContext != null) {
+             subjectID = (String)
+                     auditContext.get(SessionContext.USER_ID);
+@@ -918,7 +918,7 @@ public class CAProcessor extends Processor {
+         // Initialize groupID
+         SessionContext auditContext = SessionContext.getExistingContext();
+ 
+-        CMS.debug("CMSServlet: auditGroupID auditContext " + auditContext);
++        //CMS.debug("CMSServlet: auditGroupID auditContext " + auditContext);
+         if (auditContext != null) {
+             groupID = (String)
+                     auditContext.get(SessionContext.GROUP_ID);
+-- 
+1.8.3.1
+
+From cb9c57d143680d142a3d1671fc8d6fff15b5773c Mon Sep 17 00:00:00 2001
+From: Christina Fu <cfu@redhat.com>
+Date: Tue, 3 May 2022 15:33:44 -0700
+Subject: [PATCH 1/2] Bug2074740-p12-passwd-http-GET-params
+
+This patch handles the p12 passwd missed in GET
+
+fixes https://bugzilla.redhat.com/show_bug.cgi?id=2074740
+---
+ base/server/cmscore/src/com/netscape/cmscore/base/ArgBlock.java | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/base/server/cmscore/src/com/netscape/cmscore/base/ArgBlock.java b/base/server/cmscore/src/com/netscape/cmscore/base/ArgBlock.java
+index 46e021a..5913c94 100644
+--- a/base/server/cmscore/src/com/netscape/cmscore/base/ArgBlock.java
++++ b/base/server/cmscore/src/com/netscape/cmscore/base/ArgBlock.java
+@@ -145,7 +145,7 @@ public class ArgBlock implements IArgBlock {
+      */
+     public String getValueAsString(String n) throws EBaseException {
+         String t = (String) mArgs.get(n);
+-        CMS.traceHashKey(mType, n, t);
++        CMS.traceHashKey(mType, n, CMS.isSensitive(n)?": (sensitive)":t);
+ 
+         if (t != null) {
+             return t;
+@@ -163,7 +163,7 @@ public class ArgBlock implements IArgBlock {
+      */
+     public String getValueAsString(String n, String def) {
+         String val = (String) mArgs.get(n);
+-        CMS.traceHashKey(mType, n, val, def);
++        CMS.traceHashKey(mType, n, CMS.isSensitive(n)?": (sensitive)":val, def);
+ 
+         if (val != null) {
+             return val;
+-- 
+1.8.3.1
+
+
+From 39b291486876fda8049709f6e8018961b553a36b Mon Sep 17 00:00:00 2001
+From: Christina Fu <cfu@redhat.com>
+Date: Fri, 6 May 2022 14:28:25 -0700
+Subject: [PATCH 2/2] Bug2082717 - SCEP manual approval failure
+
+This patch fixes the set id not found null pointer exception.
+
+fixes https://bugzilla.redhat.com/show_bug.cgi?id=2082717
+---
+ .../cms/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java      | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java b/base/server/cms/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java
+index 690543c..ab7abb3 100644
+--- a/base/server/cms/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java
++++ b/base/server/cms/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java
+@@ -1633,6 +1633,9 @@ public class CRSEnrollment extends HttpServlet {
+             reqs[0].setExtData("profileRemoteAddr", httpReq.getRemoteAddr());
+             reqs[0].setExtData("profileApprovedBy", profile.getApprovedBy());
+ 
++	    String setId = profile.getPolicySetId(reqs[0]);
++	    reqs[0].setExtData("profileSetId" /*CAProcessor.ARG_PROFILE_SET_ID*/, setId);
++
+             CMS.debug("CRSEnrollment: Populating inputs");
+             profile.populateInput(ctx, reqs[0]);
+             CMS.debug("CRSEnrollment: Populating requests");
+-- 
+1.8.3.1
+
diff --git a/SPECS/pki-core.spec b/SPECS/pki-core.spec
index 086d693..69f759e 100644
--- a/SPECS/pki-core.spec
+++ b/SPECS/pki-core.spec
@@ -65,13 +65,13 @@
 Name:             pki-core
 %if 0%{?rhel}
 Version:                10.5.18
-%define redhat_release  19
+%define redhat_release  21
 %define redhat_stage    0
 #%define default_release %{redhat_release}.%{redhat_stage}
 %define default_release %{redhat_release}
 %else
 Version:                10.5.18
-%define fedora_release  19
+%define fedora_release  21
 %define fedora_stage    0
 #%define default_release %{fedora_release}.%{fedora_stage}
 %define default_release %{fedora_release}
@@ -224,6 +224,8 @@ Patch14: pki-core-rhel-7-9-rhcs-9-7-bu-8.patch
 Patch15: pki-core-rhel-7-9-rhcs-9-7-bu-9.patch
 Patch16: pki-core-rhel-7-9-rhcs-9-7-bu-10.patch
 Patch17: pki-core-rhel-7-9-rhcs-9-7-bu-11.patch
+#Patch18: pki-core-rhel-7-9-rhcs-9-7-bu-14.patch
+Patch19: pki-core-rhel-7-9-rhcs-9-7-bu-15.patch
 
 # Obtain version phase number (e. g. - used by "alpha", "beta", etc.)
 #
@@ -842,6 +844,8 @@ This package is a part of the PKI Core used by the Certificate System.
 %patch15 -p1
 %patch16 -p1
 %patch17 -p1
+#%patch18 -p1
+%patch19 -p1
 
 %clean
 %{__rm} -rf %{buildroot}
@@ -1379,6 +1383,31 @@ fi
 %endif # %{with server}
 
 %changelog
+* Tue May 31 2022 Dogtag Team <devel@lists.dogtagpki.org> 10.5.18-21
+- ##########################################################################
+- # RHEL 7.9 (Batch Update 15):
+- ##########################################################################
+- Bugzilla Bug #2074722 - user password and pkcs12 password exposure when
+  debug level set to maximum [RHEL 7.9.z] (cfu)
+- Bugzilla Bug #2082717 - SCEP manual approval failure (cfu)
+- ##########################################################################
+- # RHCS 9.7:
+- ##########################################################################
+- Bugzilla Bug #1774177 - Rebase redhat-pki, redhat-pki-theme, pki-core, and
+  pki-console to 10.5.18 in RHCS 9.7 (Batch Update 7)
+
+* Mon Apr 25 2022 Dogtag Team <devel@lists.dogtagpki.org> 10.5.18-20
+- ##########################################################################
+- # RHEL 7.9 (Batch Update 14):
+- ##########################################################################
+- Bugzilla Bug #2074722 - user password and pkcs12 password exposure when
+  debug level set to maximum [RHEL 7.9.z] (cfu)
+- ##########################################################################
+- # RHCS 9.7:
+- ##########################################################################
+- Bugzilla Bug #1774177 - Rebase redhat-pki, redhat-pki-theme, pki-core, and
+  pki-console to 10.5.18 in RHCS 9.7 (Batch Update 7)
+
 * Thu Dec 16 2021 Dogtag Team <devel@lists.dogtagpki.org> 10.5.18-19
 - ##########################################################################
 - # RHEL 7.9 (Batch Update 11):