diff --git a/bind-9.11.4-P2.tar.gz b/bind-9.11.4-P2.tar.gz
deleted file mode 100644
index 356af5beed75cbe98e187f42836ee0fb23102c54..0000000000000000000000000000000000000000
Binary files a/bind-9.11.4-P2.tar.gz and /dev/null differ
diff --git a/bind-9.16-CVE-2022-38177.patch b/bind-9.16-CVE-2022-38177.patch
new file mode 100644
index 0000000000000000000000000000000000000000..d40ea61b835e48272000dc49312f50e06f6f173d
--- /dev/null
+++ b/bind-9.16-CVE-2022-38177.patch
@@ -0,0 +1,27 @@
+From 0095b8a6b09173ab5eb48611dc0233d2a6337dc1 Mon Sep 17 00:00:00 2001
+From: Petr Mensik <pemensik@redhat.com>
+Date: Tue, 20 Sep 2022 11:21:45 +0200
+Subject: [PATCH] Fix CVE-2022-38177
+
+5961.	[security]	Fix memory leak in ECDSA verify processing.
+			(CVE-2022-38177) [GL #3487]
+---
+ lib/dns/opensslecdsa_link.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c
+index 83b5b51..7576e04 100644
+--- a/lib/dns/opensslecdsa_link.c
++++ b/lib/dns/opensslecdsa_link.c
+@@ -224,7 +224,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
+ 		siglen = DNS_SIG_ECDSA384SIZE;
+ 
+ 	if (sig->length != siglen)
+-		return (DST_R_VERIFYFAILURE);
++		DST_RET(DST_R_VERIFYFAILURE);
+ 
+ 	if (!EVP_DigestFinal_ex(evp_md_ctx, digest, &dgstlen))
+ 		DST_RET (dst__openssl_toresult3(dctx->category,
+-- 
+2.37.3
+
diff --git a/bind-9.16-CVE-2022-38178.patch b/bind-9.16-CVE-2022-38178.patch
new file mode 100644
index 0000000000000000000000000000000000000000..eb45109d8974a99f6bcb16cd66f6d86ee9d7db2a
--- /dev/null
+++ b/bind-9.16-CVE-2022-38178.patch
@@ -0,0 +1,27 @@
+From bb68864bf05d29df644427ec841bc3db6a336519 Mon Sep 17 00:00:00 2001
+From: Petr Mensik <pemensik@redhat.com>
+Date: Tue, 20 Sep 2022 11:22:47 +0200
+Subject: [PATCH] Fix CVE-2022-38178
+
+5962.	[security]	Fix memory leak in EdDSA verify processing.
+			(CVE-2022-38178) [GL #3487]
+---
+ lib/dns/openssleddsa_link.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c
+index 8b115ec..4f3c2a8 100644
+--- a/lib/dns/openssleddsa_link.c
++++ b/lib/dns/openssleddsa_link.c
+@@ -325,7 +325,7 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
+ 		siglen = DNS_SIG_ED448SIZE;
+ 
+ 	if (sig->length != siglen)
+-		return (DST_R_VERIFYFAILURE);
++		DST_RET(DST_R_VERIFYFAILURE);
+ 
+ 	isc_buffer_usedregion(buf, &tbsreg);
+ 
+-- 
+2.37.3
+
diff --git a/bind.spec b/bind.spec
index 98c23b461326d861875796be9975fa4946cd3126..a2f19a588604c494a2328f69b2f6733f7537dffe 100644
--- a/bind.spec
+++ b/bind.spec
@@ -64,7 +64,7 @@ Summary:  The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
 Name:     bind
 License:  MPLv2.0
 Version:  9.11.4
-Release:  26%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}.9
+Release:  26%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}.10
 Epoch:    32
 Url:      http://www.isc.org/products/BIND/
 #
@@ -183,6 +183,8 @@ Patch195: bind-9.11-CVE-2021-25215.patch
 Patch196: bind-9.11-CVE-2021-25214.patch
 Patch197: bind-9.11-rh2011220.patch
 Patch198: bind-9.11-rh1935152.patch
+Patch200: bind-9.16-CVE-2022-38177.patch
+Patch201: bind-9.16-CVE-2022-38178.patch
 
 # SDB patches
 Patch11: bind-9.3.2b2-sdbsrc.patch
@@ -558,6 +560,8 @@ are used for building ISC DHCP.
 %patch196 -p1 -b .CVE-2021-25214
 %patch197 -p1 -b .rh2011220
 %patch198 -p1 -b .rh1935152
+%patch200 -p1 -b .CVE-2022-38177
+%patch201 -p1 -b .CVE-2022-38178
 
 # Override upstream builtin keys
 cp -fp %{SOURCE29} bind.keys
@@ -1539,6 +1543,10 @@ rm -rf ${RPM_BUILD_ROOT}
 
 
 %changelog
+* Thu Sep 22 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-26.P2.10
+- Fix memory leak in ECDSA verify processing (CVE-2022-38177)
+- Fix memory leak in EdDSA verify processing (CVE-2022-38178)
+
 * Mon Jan 24 2022 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-26.P2.9
 - Fix possible assertion failure isc_refcount_current == 0 in free_rbtdb
   (#1935152)
diff --git a/config-18.tar.bz2 b/config-18.tar.bz2
deleted file mode 100644
index 249ee69b0bf7a58b3403593b2b828ffcbce46fdb..0000000000000000000000000000000000000000
Binary files a/config-18.tar.bz2 and /dev/null differ
diff --git a/dist b/dist
new file mode 100644
index 0000000000000000000000000000000000000000..ad8eb77ba59be071474988a034571694eaa9db8e
--- /dev/null
+++ b/dist
@@ -0,0 +1 @@
+an7_9
diff --git a/download b/download
new file mode 100644
index 0000000000000000000000000000000000000000..edc0e9a1f1c4f5d6bb99275a1c24a16a184a6420
--- /dev/null
+++ b/download
@@ -0,0 +1,2 @@
+3b831d1cb9dcb3e0868409cf98d4519b  bind-9.11.4-P2.tar.gz
+7be5da3188e49bb57b4d7b683139beb1  config-18.tar.bz2