diff --git a/backport-extensions-recent-Fix-format-string-for-unsigned-values.patch b/backport-extensions-recent-Fix-format-string-for-unsigned-values.patch
new file mode 100644
index 0000000000000000000000000000000000000000..2f165f87f32c5e5627cdbcc02a6e6d1f59ee9a27
--- /dev/null
+++ b/backport-extensions-recent-Fix-format-string-for-unsigned-values.patch
@@ -0,0 +1,57 @@
+From 8696f659eadd58505469841a3af16ad2c830e8e5 Mon Sep 17 00:00:00 2001
+From: Phil Sutter
+Date: Thu, 20 Jun 2024 18:17:16 +0200
+Subject: extensions: recent: Fix format string for unsigned values
+
+Both fields 'seconds' and 'hit_count' are unsigned, use '%u'
+accordingly. While being at it, also fix coding-style in those lines.
+
+Basically a day-1 bug, have Fixes: point at a reasonably old commit.
+
+Fixes: af1660fe0e88c ("Move libipt_recent to libxt_recent")
+Signed-off-by: Phil Sutter
+
+Conflict:NA
+Reference:https://git.netfilter.org/iptables/commit/?id=8696f659eadd58505469841a3af16ad2c830e8e5
+
+---
+ extensions/libxt_recent.c | 12 ++++++++----
+ 1 file changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/extensions/libxt_recent.c b/extensions/libxt_recent.c
+index 055ae350..0221d446 100644
+--- a/extensions/libxt_recent.c
++++ b/extensions/libxt_recent.c
+@@ -193,10 +193,12 @@ static void recent_print(const void *ip, const struct xt_entry_match *match,
+ printf(" UPDATE");
+ if (info->check_set & XT_RECENT_REMOVE)
+ printf(" REMOVE");
+- if(info->seconds) printf(" seconds: %d", info->seconds);
++ if (info->seconds)
++ printf(" seconds: %u", info->seconds);
+ if (info->check_set & XT_RECENT_REAP)
+ printf(" reap");
+- if(info->hit_count) printf(" hit_count: %d", info->hit_count);
++ if (info->hit_count)
++ printf(" hit_count: %u", info->hit_count);
+ if (info->check_set & XT_RECENT_TTL)
+ printf(" TTL-Match");
+ printf(" name: %s", info->name);
+@@ -233,10 +235,12 @@ static void recent_save(const void *ip, const struct xt_entry_match *match,
+ printf(" --update");
+ if (info->check_set & XT_RECENT_REMOVE)
+ printf(" --remove");
+- if(info->seconds) printf(" --seconds %d", info->seconds);
++ if (info->seconds)
++ printf(" --seconds %u", info->seconds);
+ if (info->check_set & XT_RECENT_REAP)
+ printf(" --reap");
+- if(info->hit_count) printf(" --hitcount %d", info->hit_count);
++ if (info->hit_count)
++ printf(" --hitcount %u", 
info->hit_count);
+ if (info->check_set & XT_RECENT_TTL)
+ printf(" --rttl");
+ printf(" --name %s",info->name);
+--
+cgit v1.2.3
+
diff --git a/backport-nft-cmd-Init-struct-nft_cmd-head-early.patch b/backport-nft-cmd-Init-struct-nft_cmd-head-early.patch
new file mode 100644
index 0000000000000000000000000000000000000000..bcbf21e0202b3537f24d8954eff0118bcb243d9e
--- /dev/null
+++ b/backport-nft-cmd-Init-struct-nft_cmd-head-early.patch
@@ -0,0 +1,37 @@
+From db7fc1862b8bd5e2eea83ed4089fcf35fc01c032 Mon Sep 17 00:00:00 2001
+From: Phil Sutter
+Date: Tue, 23 Jul 2024 21:31:34 +0200
+Subject: nft: cmd: Init struct nft_cmd::head early
+
+Calling nft_cmd_free() in error case segfaults otherwise if the to be
+freed object is not part of a list yet.
+
+Exposed by commit eab75ed36a4f2 ("nft: Avoid memleak in error path of
+nft_cmd_new()"), but belongs to commit a7f1e208cdf9c (and may go well
+along with it).
+
+Fixes: a7f1e208cdf9c ("nft: split parsing from netlink commands")
+Signed-off-by: Phil Sutter
+
+Conflict:Context adaptation
+Reference:https://git.netfilter.org/iptables/commit/?id=db7fc1862b8bd5e2eea83ed4089fcf35fc01c032
+
+---
+ iptables/nft-cmd.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/iptables/nft-cmd.c b/iptables/nft-cmd.c
+index f026c62..207d678 100644
+--- a/iptables/nft-cmd.c
++++ b/iptables/nft-cmd.c
+@@ -26,6 +26,7 @@ struct nft_cmd *nft_cmd_new(struct nft_handle *h, int command,
+ if (!cmd)
+ return NULL;
+
++ INIT_LIST_HEAD(&cmd->head);
+ cmd->error.lineno = h->error.lineno;
+ cmd->command = command;
+ cmd->table = strdup(table);
+--
+2.33.0
+
diff --git a/iptables.spec b/iptables.spec
index 656ea7570b4dc27e184f69eafa342ce644fe3165..49e3023eb559e9e2d817eb1c838867f63bbde031 100644
--- a/iptables.spec
+++ b/iptables.spec 
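Review bot: The `%u` conversions introduced in recent_print() and recent_save() are only correct if `seconds` and `hit_count` are 32-bit unsigned in the kernel's `struct xt_recent_mtinfo`, which the hunk does not show; upstream declares both as `__u32`, so this should match, but the backport is worth checking against the uapi header the kernel-headers BuildRequires actually installs, since a different width would again be a format/argument mismatch. The observable bug being fixed is presumably that `iptables-save` printed values at or above 2^31 as negatives (e.g. `--seconds -1`), which a later `iptables-restore` would reject if the option is parsed as an unsigned 32-bit value, so a round-trip case such as `-m recent --rcheck --seconds 4294967295 --name foo` in `extensions/libxt_recent.t` (if this tree carries the .t testsuite) would pin the fix. Both recent_print() and recent_save() start and end outside the hunk, so the `info` cast and the remaining flag output are not visible here.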
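Review bot: The new `INIT_LIST_HEAD(&cmd->head);` in nft_cmd_new() deserves a one-line comment, because nothing at the call site explains why a list head is initialised on an object that is not queued yet: `/* self-linked so nft_cmd_free() can list_del() a cmd that was never queued */`. The placement also creates an invariant worth stating in that comment: every error exit after this line may call nft_cmd_free(), while any early return added between the allocation check and this line must release `cmd` with plain free() instead, or the segfault this backport fixes comes back. The context line `cmd->table = strdup(table);` still leaves the strdup() result unchecked unless a check follows outside the hunk; that predates this change, but it is the next NULL dereference an audit of this error path would hit. nft_cmd_new() starts and ends outside the hunk.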
@@ -2,7 +2,7 @@ %global legacy_actions %{_libexecdir}/initscripts/legacy-actions Name: iptables Version: 1.8.7 -Release: 18 +Release: 19 Summary: IP packet filter administration utilities License: GPL-2.0-only and Artistic-2.0 URL: https://www.netfilter.org/ @@ -48,6 +48,8 @@ Patch30: backport-libiptc-Fix-for-segfault-when-renaming-a-chain.patch Patch31: backport-libiptc-Fix-for-another-segfault-due-to-chain-index-NULL-pointer.patch Patch32: backport-libxtables-Fix-memleak-of-matches-udata.patch Patch33: backport-Fix-parsing-of-empty-string-arg-in-c-option.patch +Patch34: backport-extensions-recent-Fix-format-string-for-unsigned-values.patch +Patch35: backport-nft-cmd-Init-struct-nft_cmd-head-early.patch BuildRequires: bison flex gcc kernel-headers libpcap-devel libselinux-devel systemd BuildRequires: libmnl-devel libnetfilter_conntrack-devel libnfnetlink-devel libnftnl-devel @@ -350,6 +352,13 @@ fi %{_mandir}/man8/xtables-legacy* %changelog +* Thu Nov 21 2024 yanglu - 1.8.7-19 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:extensions:recent:Fix format string for unsigned values + nft:cmd:Init struct nft_cmd::head early + * Mon Sep 30 2024 zhouyihang - 1.8.7-18 - Type:bugfix - CVE:NA