diff --git a/SOURCES/0003-logrotate-3.14.0-broken-symlink.patch b/SOURCES/0003-logrotate-3.14.0-broken-symlink.patch
new file mode 100644
index 0000000..14cfaed
--- /dev/null
+++ b/SOURCES/0003-logrotate-3.14.0-broken-symlink.patch
@@ -0,0 +1,89 @@
+From b98dd1933b1ebf5c86041bf135af421fe1ce4fc9 Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Fri, 28 Jun 2019 18:22:39 +0200
+Subject: [PATCH] globerr: do not abort globbing on broken symlink
+
+Fixes #251
+
+Upstream-commit: 4297f01103915f4ee356d37bdb35e8c41bbbdb28
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ config.c               | 16 +++++++++++++---
+ test/Makefile.am       |  1 +
+ test/test-0084.sh      | 14 ++++++++++++++
+ test/test-config.84.in |  3 +++
+ 4 files changed, 31 insertions(+), 3 deletions(-)
+ create mode 100755 test/test-0084.sh
+ create mode 100644 test/test-config.84.in
+
+diff --git a/config.c b/config.c
+index e4807c9..1805a16 100644
+--- a/config.c
++++ b/config.c
+@@ -834,9 +834,19 @@ static int globerr(const char *pathname, int theerr)
+ {
+     (void) pathname;
+ 
+-    /* A missing directory is not an error, so return 0 */
+-    if (theerr == ENOTDIR)
+-        return 0;
++    /* prevent glob() from being aborted in certain cases */
++    switch (theerr) {
++        case ENOTDIR:
++            /* non-directory where directory was expected by the glob */
++            return 0;
++
++        case ENOENT:
++            /* most likely symlink with non-existent target */
++            return 0;
++
++        default:
++            break;
++    }
+ 
+     glob_errno = theerr;
+ 
+diff --git a/test/Makefile.am b/test/Makefile.am
+index 5e838d1..35ba2b9 100644
+--- a/test/Makefile.am
++++ b/test/Makefile.am
+@@ -76,6 +76,7 @@ TEST_CASES = \
+ 	test-0075.sh \
+ 	test-0076.sh \
+ 	test-0077.sh \
++	test-0084.sh \
+ 	test-0100.sh \
+ 	test-0101.sh
+ 
+diff --git a/test/test-0084.sh b/test/test-0084.sh
+new file mode 100755
+index 0000000..1389331
+--- /dev/null
++++ b/test/test-0084.sh
+@@ -0,0 +1,14 @@
++#!/bin/bash
++
++. ./test-common.sh
++
++cleanup 84
++
++# ------------------------------- Test 84 ------------------------------------
++preptest test.log 84 1
++
++mkdir -p log/dir
++ln -s XXX log/sym
++touch log/dir/file
++
++$RLR test-config.84 -v --force
+diff --git a/test/test-config.84.in b/test/test-config.84.in
+new file mode 100644
+index 0000000..1a79bfe
+--- /dev/null
++++ b/test/test-config.84.in
+@@ -0,0 +1,3 @@
++&DIR&/log/*/* {
++    rotate 1
++}
+-- 
+2.21.3
+
diff --git a/SOURCES/0004-logrotate-3.14.0-man-page-su.patch b/SOURCES/0004-logrotate-3.14.0-man-page-su.patch
new file mode 100644
index 0000000..4809a72
--- /dev/null
+++ b/SOURCES/0004-logrotate-3.14.0-man-page-su.patch
@@ -0,0 +1,37 @@
+From 893ab396daffebfe5bb97e9fcf0adbd7fda1b828 Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Fri, 18 Jan 2019 16:10:56 +0100
+Subject: [PATCH] logrotate.8: encourage admins to use the `su` directive
+
+... to rotate files in directories that are directly or indirectly in
+control of non-privileged users.  Originally reported in the following
+pull request:
+
+https://github.com/logrotate/logrotate/pull/235
+
+Closes #236
+
+Upstream-commit: 3e170c0609a18e0bb5fd7f647cb877221d576456
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ logrotate.8.in | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/logrotate.8.in b/logrotate.8.in
+index 56c4a32..ee26821 100644
+--- a/logrotate.8.in
++++ b/logrotate.8.in
+@@ -575,7 +575,9 @@ user/group (usually root). \fIuser\fR specifies the user name used for
+ rotation and \fIgroup\fR specifies the group used for rotation. If the
+ user/group you specify here does not have sufficient privilege to make 
+ files with the ownership you've specified in a \fIcreate\fR instruction, 
+-it will cause an error.
++it will cause an error.  If logrotate runs with root privileges, it is
++recommended to use the \fBsu\fR directive to rotate files in directories
++that are directly or indirectly in control of non-privileged users.
+ 
+ .TP
+ \fBtabooext\fR [+] \fIlist\fR
+-- 
+2.21.3
+
diff --git a/SPECS/logrotate.spec b/SPECS/logrotate.spec
index 6a6d107..51fec39 100644
--- a/SPECS/logrotate.spec
+++ b/SPECS/logrotate.spec
@@ -1,7 +1,7 @@
 Summary: Rotates, compresses, removes and mails system log files
 Name: logrotate
 Version: 3.14.0
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPLv2+
 Url: https://github.com/logrotate/logrotate
 Source: https://github.com/logrotate/logrotate/releases/download/%{version}/logrotate-%{version}.tar.xz
@@ -22,6 +22,12 @@ Patch1:   0001-logrotate-3.14.0-man-version.patch
 # fix programming mistakes detected by Coverity Analysis
 Patch2:   0002-logrotate-3.14.0-coverity.patch
 
+# do not abort globbing on broken symlink (#1723265)
+Patch3:   0003-logrotate-3.14.0-broken-symlink.patch
+
+# logrotate.8: encourage admins to use the `su` directive (#1759770)
+Patch4:   0004-logrotate-3.14.0-man-page-su.patch
+
 %description
 The logrotate utility is designed to simplify the administration of
 log files on a system which generates a lot of log files.  Logrotate
@@ -107,6 +113,10 @@ fi
 %config(noreplace) %{_sysconfdir}/rwtab.d/logrotate
 
 %changelog
+* Wed May 06 2020 Kamil Dudka <kdudka@redhat.com> - 3.14.0-4
+- logrotate.8: encourage admins to use the `su` directive (#1759770)
+- do not abort globbing on broken symlink (#1723265)
+
 * Fri Aug 10 2018 Kamil Dudka <kdudka@redhat.com> - 3.14.0-3
 - fix programming mistakes detected by Coverity Analysis
 - document the --version option in the logrotate(8) man page (#1611498)