diff --git a/backport-Consider-POPT_CONTEXT_KEEP_FIRST-during-reset.patch b/backport-Consider-POPT_CONTEXT_KEEP_FIRST-during-reset.patch
new file mode 100644
index 0000000000000000000000000000000000000000..30324b56a291b5bdc465f575c9400d0961391234
--- /dev/null
+++ b/backport-Consider-POPT_CONTEXT_KEEP_FIRST-during-reset.patch
@@ -0,0 +1,38 @@
+From cd32d1c7da8265a06491d72190c649496ae2f489 Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date: Sun, 16 Aug 2020 20:39:20 +0200
+Subject: [PATCH] Consider POPT_CONTEXT_KEEP_FIRST during reset.
+
+If context is created with POPT_CONTEXT_KEEP_FIRST flag, then the
+first argv entry is parsed as well (argv[0] is normally the program
+name).
+
+Calling poptResetContext should reset the context exactly back into
+the state in wich it was after poptGetContext.
+
+Unfortunately the "next" value is always set to 1, i.e. pointing
+towards argv[1]. Consider POPT_CONTEXT_KEEP_FIRST. If it is set,
+point to argv[0] just like poptGetContext does.
+---
+ src/popt.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/popt.c b/src/popt.c
+index c08b3c9..b7d9478 100644
+--- a/src/popt.c
++++ b/src/popt.c
+@@ -210,7 +210,10 @@ void poptResetContext(poptContext con)
+     con->os->currAlias = NULL;
+     con->os->nextCharArg = NULL;
+     con->os->nextArg = _free(con->os->nextArg);
+-    con->os->next = 1;			/* skip argv[0] */
++    if (!(con->flags & POPT_CONTEXT_KEEP_FIRST))
++	con->os->next = 1;		/* skip argv[0] */
++    else
++	con->os->next = 0;
+ 
+     con->numLeftovers = 0;
+     con->nextLeftover = 0;
+-- 
+2.27.0
+
diff --git a/backport-Fix-incorrect-handling-of-leftovers-with-poptStuffAr.patch b/backport-Fix-incorrect-handling-of-leftovers-with-poptStuffAr.patch
new file mode 100644
index 0000000000000000000000000000000000000000..f8d51329bb99e15cb2d27b548784c581aeff740a
--- /dev/null
+++ b/backport-Fix-incorrect-handling-of-leftovers-with-poptStuffAr.patch
@@ -0,0 +1,87 @@
+From 7219e1ddc1e8606dda18c1105df0d45d8e8e0e09 Mon Sep 17 00:00:00 2001
+From: Richard Levitte <richard@levitte.org>
+Date: Mon, 29 Jun 2020 11:56:00 -0400
+Subject: [PATCH] Fix incorrect handling of leftovers with poptStuffArgs
+
+If poptStuffArgs() is used twice with the same context, it will invariably
+cause memory corruption and possibly memory leaks or a crash.
+
+Change the allocation of leftOvers so it adapts to the input on the fly
+instead of trying to pre-allocate it in one go.
+---
+ src/popt.c    | 24 ++++++++++++++++++++++--
+ src/poptint.h |  1 +
+ 2 files changed, 23 insertions(+), 2 deletions(-)
+
+diff --git a/src/popt.c b/src/popt.c
+index b7d9478..ab7b54f 100644
+--- a/src/popt.c
++++ b/src/popt.c
+@@ -168,6 +168,7 @@ poptContext poptGetContext(const char * name, int argc, const char ** argv,
+ 	con->os->next = 1;		/* skip argv[0] */
+ 
+     con->leftovers = calloc( (size_t)(argc + 1), sizeof(*con->leftovers) );
++    con->allocLeftovers = argc + 1;
+     con->options = options;
+     con->aliases = NULL;
+     con->numAliases = 0;
+@@ -1272,8 +1273,21 @@ int poptGetNextOpt(poptContext con)
+ 		    con->os->nextArg = xstrdup(origOptString);
+ 		    return 0;
+ 		}
+-		if (con->leftovers != NULL)	/* XXX can't happen */
+-		    con->leftovers[con->numLeftovers++] = origOptString;
++		if (con->leftovers != NULL) {	/* XXX can't happen */
++		    /* One might think we can never overflow the leftovers
++		       array.  Actually, that's true, as long as you don't
++		       use poptStuffArgs()... */
++		    if ((con->numLeftovers + 1) >= (con->allocLeftovers)) {
++			con->allocLeftovers += 10;
++			con->leftovers =
++			    realloc(con->leftovers,
++				    sizeof(*con->leftovers) * con->allocLeftovers);
++		    }
++		    con->leftovers[con->numLeftovers++]
++			= xstrdup(origOptString); /* so a free of a stuffed
++						     argv doesn't give us a
++						     dangling pointer */
++		}
+ 		continue;
+ 	    }
+ 
+@@ -1521,6 +1535,8 @@ poptItem poptFreeItems(poptItem items, int nitems)
+ 
+ poptContext poptFreeContext(poptContext con)
+ {
++    int i;
++
+     if (con == NULL) return con;
+     poptResetContext(con);
+ 
+@@ -1530,7 +1546,11 @@ poptContext poptFreeContext(poptContext con)
+     con->execs = poptFreeItems(con->execs, con->numExecs);
+     con->numExecs = 0;
+ 
++    for (i = 0; i < con->numLeftovers; i++) {
++        con->leftovers[i] = _free(&con->leftovers[i]);
++    }
+     con->leftovers = _free(con->leftovers);
++
+     con->finalArgv = _free(con->finalArgv);
+     con->appName = _free(con->appName);
+     con->otherHelp = _free(con->otherHelp);
+diff --git a/src/poptint.h b/src/poptint.h
+index b64e123..d4d6e90 100644
+--- a/src/poptint.h
++++ b/src/poptint.h
+@@ -94,6 +94,7 @@ struct poptContext_s {
+     struct optionStackEntry * os;
+     poptArgv leftovers;
+     int numLeftovers;
++    int allocLeftovers;
+     int nextLeftover;
+     const struct poptOption * options;
+     int restLeftover;
+-- 
+2.27.0
+
diff --git a/backport-Fix-memory-leak-regressions-in-popt-1.18.patch b/backport-Fix-memory-leak-regressions-in-popt-1.18.patch
new file mode 100644
index 0000000000000000000000000000000000000000..bbc58085fca61cc0a37a7f0ad4dcbed8315a26ca
--- /dev/null
+++ b/backport-Fix-memory-leak-regressions-in-popt-1.18.patch
@@ -0,0 +1,38 @@
+From 7182e4618ad5a0186145fc2aa4a98c2229afdfa8 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Wed, 5 Jan 2022 14:51:55 +0100
+Subject: [PATCH] Fix memory leak regressions in popt 1.18
+
+Fix memory leak regression introduced in commit
+7219e1ddc1e8606dda18c1105df0d45d8e8e0e09. Free the actual content, not
+the array multiple times, and free on reset.
+---
+ src/popt.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/popt.c b/src/popt.c
+index 0521c8d..f3f26a3 100644
+--- a/src/popt.c
++++ b/src/popt.c
+@@ -216,6 +216,9 @@ void poptResetContext(poptContext con)
+     else
+ 	con->os->next = 0;
+ 
++    for (i = 0; i < con->numLeftovers; i++) {
++        con->leftovers[i] = _free(con->leftovers[i]);
++    }
+     con->numLeftovers = 0;
+     con->nextLeftover = 0;
+     con->restLeftover = 0;
+@@ -1534,7 +1537,7 @@ poptContext poptFreeContext(poptContext con)
+     con->numExecs = 0;
+ 
+     for (i = 0; i < con->numLeftovers; i++) {
+-        con->leftovers[i] = _free(&con->leftovers[i]);
++        con->leftovers[i] = _free(con->leftovers[i]);
+     }
+     con->leftovers = _free(con->leftovers);
+ 
+-- 
+2.27.0
+
diff --git a/popt.spec b/popt.spec
index eb5ffefb01345ac0a8680c87d913c6bc18d9d661..5c3ba4f1e61e11c79bcc166ff2bf12fe33feb8d6 100644
--- a/popt.spec
+++ b/popt.spec
@@ -1,6 +1,6 @@
 Name:		popt
 Version:	1.18
-Release:        1
+Release:        2
 Summary:	C library for parsing command line parameters
 License:	MIT
 URL:		https://github.com/rpm-software-management/popt/
@@ -10,6 +10,9 @@ Patch0: 	fix-obscure-iconv-mis-call-error-path-could-lead-to-.patch
 Patch1: 	fix-handle-newly-added-asset-.-call-like-elsewhere.patch
 Patch2: 	fix-permit-reading-aliases-remove-left-over-goto-exi.patch
 Patch3: 	fix-coverity-CID-1057440-Unused-pointer-value-UNUSED.patch
+Patch4: 	backport-Consider-POPT_CONTEXT_KEEP_FIRST-during-reset.patch
+Patch5: 	backport-Fix-incorrect-handling-of-leftovers-with-poptStuffAr.patch
+Patch6: 	backport-Fix-memory-leak-regressions-in-popt-1.18.patch
 
 BuildRequires:	gcc git gettext
 
@@ -79,6 +82,9 @@ make check
 %{_mandir}/man3/%{name}.3.gz
 
 %changelog
+* Mon Aug 15 2022 panxiaohe <panxh.life@foxmail.com> - 1.18-2
+- Fix incorrect handling of leftovers with poptStuffArgs and memory leak
+
 * Sat Jul 25 2020 zhangxingliang <zhangxingliang3@huawei.com> - 1.18-1
 - Type:update
 - ID:NA