diff --git a/SOURCES/0201-Keep-a-reference-to-the-object-used-for-CURLOPT_POST.patch b/SOURCES/0201-Keep-a-reference-to-the-object-used-for-CURLOPT_POST.patch
new file mode 100644
index 0000000..20406fb
--- /dev/null
+++ b/SOURCES/0201-Keep-a-reference-to-the-object-used-for-CURLOPT_POST.patch
@@ -0,0 +1,98 @@
+From f1169a50516e34d22a22229113aef46212177417 Mon Sep 17 00:00:00 2001
+From: Oleg Pudeyev <oleg@bsdpower.com>
+Date: Thu, 3 Oct 2013 22:31:31 -0400
+Subject: [PATCH] Keep a reference to the object used for CURLOPT_POSTFIELDS.
+
+Fixes #34
+
+Upstream-commit: b01a04fbd7797c70c5397a1b04abb09e6e4c8a36
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ src/pycurl.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/src/pycurl.c b/src/pycurl.c
+index 9a7135c..31722ad 100644
+--- a/src/pycurl.c
++++ b/src/pycurl.c
+@@ -149,16 +149,18 @@ typedef struct {
+ PyObject *pro_cb;
+ PyObject *debug_cb;
+ PyObject *ioctl_cb;
+ PyObject *opensocket_cb;
+ /* file objects */
+ PyObject *readdata_fp;
+ PyObject *writedata_fp;
+ PyObject *writeheader_fp;
++ /* reference to the object used for CURLOPT_POSTFIELDS */
++ PyObject *postfields_obj;
+ /* misc */
+ char error[CURL_ERROR_SIZE+1];
+ } CurlObject;
+
+ /* Throw exception based on return value `res' and `self->error' */
+ #define CURLERROR_RETVAL() do {\
+ PyObject *v; \
+ self->error[sizeof(self->error) - 1] = 0; \
+@@ -727,16 +729,17 @@ util_curl_new(void)
+ self->debug_cb = NULL;
+ self->ioctl_cb = NULL;
+ self->opensocket_cb = NULL;
+
+ /* Set file object pointers to NULL by default */
+ self->readdata_fp = NULL;
+ self->writedata_fp = NULL;
+ self->writeheader_fp = NULL;
++ self->postfields_obj = NULL;
+
+ /* Zero string pointer memory buffer used by setopt */
+ memset(self->error, 0, sizeof(self->error));
+
+ return self;
+ }
+
+ /* initializer - used to intialize curl easy handles for use with pycurl */
+@@ -854,16 +857,17 @@ util_curl_xdecref(CurlObject *self, int flags, CURL *handle)
+ ZAP(self->ioctl_cb);
+ }
+
+ if (flags & 8) {
+ /* Decrement refcount for python file objects. */
+ ZAP(self->readdata_fp);
+ ZAP(self->writedata_fp);
+ ZAP(self->writeheader_fp);
++ ZAP(self->postfields_obj);
+ }
+
+ if (flags & 16) {
+ /* Decrement refcount for share objects. */
+ if (self->share != NULL) {
+ CurlShareObject *share = self->share;
+ self->share = NULL;
+ if (share->share_handle != NULL && handle != NULL) {
+@@ -1626,16 +1630,22 @@ do_curl_setopt(CurlObject *self, PyObject *args)
+ /* Allocate memory to hold the string */
+ assert(str != NULL);
+ /* Call setopt */
+ res = curl_easy_setopt(self->handle, (CURLoption)option, str);
+ /* Check for errors */
+ if (res != CURLE_OK) {
+ CURLERROR_RETVAL();
+ }
++ /* libcurl does not copy the value of CURLOPT_POSTFIELDS */
++ if (option == CURLOPT_POSTFIELDS) {
++ Py_INCREF(obj);
++ Py_XDECREF(self->postfields_obj);
++ self->postfields_obj = obj;
++ }
+ Py_INCREF(Py_None);
+ return Py_None;
+ }
+
+ #define IS_LONG_OPTION(o) (o < CURLOPTTYPE_OBJECTPOINT)
+ #define IS_OFF_T_OPTION(o) (o >= CURLOPTTYPE_OFF_T)
+
+ /* Handle the case of integer arguments */
+--
+2.5.0
+
diff --git a/SOURCES/0202-Add-libcurl-7.34.0-sslversion-options.patch b/SOURCES/0202-Add-libcurl-7.34.0-sslversion-options.patch
new file mode 100644
index 0000000..cfc72e0
--- /dev/null
+++ b/SOURCES/0202-Add-libcurl-7.34.0-sslversion-options.patch
@@ -0,0 +1,32 @@
+From 3f749c418098f71a2480a46ed0fc45efb78127c7 Mon Sep 17 00:00:00 2001
+From: Oleg Pudeyev <oleg@bsdpower.com>
+Date: Tue, 19 May 2015 11:41:27 -0400
+Subject: [PATCH] Add libcurl 7.34.0 sslversion options
+
+Upstream-commit: 83ccaa22e824b1bd9d2c60cab10dff323c7d0ca4
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ src/pycurl.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/pycurl.c b/src/pycurl.c
+index c523d5f..09db588 100644
+--- a/src/pycurl.c
++++ b/src/pycurl.c
+@@ -3737,9 +3737,12 @@ initpycurl(void)
+
+ /* constants for setopt(SSLVERSION, x) */
+ insint_c(d, "SSLVERSION_DEFAULT", CURL_SSLVERSION_DEFAULT);
+- insint_c(d, "SSLVERSION_TLSv1", CURL_SSLVERSION_TLSv1);
+ insint_c(d, "SSLVERSION_SSLv2", CURL_SSLVERSION_SSLv2);
+ insint_c(d, "SSLVERSION_SSLv3", CURL_SSLVERSION_SSLv3);
++ insint_c(d, "SSLVERSION_TLSv1", CURL_SSLVERSION_TLSv1);
++ insint_c(d, "SSLVERSION_TLSv1_0", CURL_SSLVERSION_TLSv1_0);
++ insint_c(d, "SSLVERSION_TLSv1_1", CURL_SSLVERSION_TLSv1_1);
++ insint_c(d, "SSLVERSION_TLSv1_2", CURL_SSLVERSION_TLSv1_2);
+
+ /* curl_TimeCond: constants for setopt(TIMECONDITION, x) */
+ insint_c(d, "TIMECONDITION_NONE", CURL_TIMECOND_NONE);
+--
+2.5.0
+
diff --git a/SPECS/python-pycurl.spec b/SPECS/python-pycurl.spec
index 9368695..1b4ef0c 100644
--- a/SPECS/python-pycurl.spec
+++ b/SPECS/python-pycurl.spec
@@ -2,7 +2,7 @@
Name: python-pycurl
Version: 7.19.0
-Release: 17%{?dist}
+Release: 19%{?dist}
Summary: A Python interface to libcurl
Group: Development/Languages
@@ -24,11 +24,17 @@ Patch103: 0103-pycurl.c-allow-to-return-1-from-write-callback.patch
Patch104: 0104-test_write_abort.py-test-returning-1-from-write-call.patch
Patch105: 0105-add-the-GLOBAL_ACK_EINTR-constant-to-the-list-of-exp.patch
+# RHEL patches
+Patch201: 0201-Keep-a-reference-to-the-object-used-for-CURLOPT_POST.patch
+Patch202: 0202-Add-libcurl-7.34.0-sslversion-options.patch
+
Requires: keyutils-libs
BuildRequires: python-devel
-BuildRequires: curl-devel >= 7.19.0
BuildRequires: openssl-devel
+# curl-7.29.0-16 or newer is needed for CURL_SSLVERSION_TLSv1_[0-2]
+BuildRequires: libcurl-devel >= 7.29.0-16
+
# During its initialization, PycURL checks that the actual libcurl version
# is not lower than the one used when PycURL was built.
# Yes, that should be handled by library versioning (which would then get
@@ -59,6 +65,8 @@ of features.
%patch103 -p1
%patch104 -p1
%patch105 -p1
+%patch201 -p1
+%patch202 -p1
chmod a-x examples/*
%build
@@ -77,6 +85,12 @@ rm -rf %{buildroot}%{_datadir}/doc/pycurl
%{python_sitearch}/*
%changelog
+* Mon Sep 07 2015 Kamil Dudka <kdudka@redhat.com> - 7.19.0-19
+- introduce SSLVERSION_TLSv1_[0-2] (#1260407)
+
+* Wed Oct 15 2014 Kamil Dudka <kdudka@redhat.com> - 7.19.0-18
+- fix a use-after-free bug in handling pycurl.POSTFIELDS (#1153321)
+
* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 7.19.0-17
- Mass rebuild 2014-01-24