diff --git a/SOURCES/bz1602698.patch b/SOURCES/bz1602698.patch
new file mode 100644
index 0000000..3caddde
--- /dev/null
+++ b/SOURCES/bz1602698.patch
@@ -0,0 +1,95 @@
+diff -Nupr a/squashfs-tools/action.c b/squashfs-tools/action.c
+--- a/squashfs-tools/action.c	2014-05-09 23:54:13.000000000 -0500
++++ b/squashfs-tools/action.c	2019-04-18 10:59:53.140496887 -0500
+@@ -1094,8 +1094,14 @@ static int parse_sym_mode_args(struct ac
+ 	for (i = 0; i < args; i++) {
+ 		struct mode_data *entry = parse_sym_mode_arg(argv[i]);
+ 
+-		if (entry == NULL)
++		if (entry == NULL) {
++			while (head) {
++				cur = head;
++				head = head->next;
++				free(cur);
++			}
+ 			return 0;
++		}
+ 
+ 		if (cur) {
+ 			cur->next = entry;
+diff -Nupr a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c
+--- a/squashfs-tools/mksquashfs.c	2019-04-18 10:51:05.975460126 -0500
++++ b/squashfs-tools/mksquashfs.c	2019-04-18 11:04:16.860682497 -0500
+@@ -3537,11 +3537,11 @@ void dir_scan2(struct dir_info *dir, str
+ 			char *subpath = strdup(subpathname(dir_ent));
+ 			struct dir_info *sub_dir = scan1_opendir("", subpath,
+ 						dir->depth + 1);
++			free(subpath);
+ 			if(sub_dir == NULL) {
+ 				ERROR_START("Could not create pseudo directory "
+ 					"\"%s\"", pseudo_ent->pathname);
+ 				ERROR_EXIT(", skipping...\n");
+-				free(subpath);
+ 				pseudo_ino --;
+ 				continue;
+ 			}
+diff -Nupr a/squashfs-tools/read_fs.c b/squashfs-tools/read_fs.c
+--- a/squashfs-tools/read_fs.c	2014-05-09 23:54:13.000000000 -0500
++++ b/squashfs-tools/read_fs.c	2019-04-18 11:06:32.499233451 -0500
+@@ -974,7 +974,8 @@ long long read_filesystem(char *root_nam
+ 
+ error:
+ 	free(id_table);
+-	free(inode_table);
++	if (inode_table)
++		free(inode_table);
+ 	free(directory_table);
+ 	return 0;
+ }
+diff -Nupr a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+--- a/squashfs-tools/unsquash-4.c	2019-04-18 10:51:05.972460124 -0500
++++ b/squashfs-tools/unsquash-4.c	2019-04-18 11:32:54.600160166 -0500
+@@ -50,9 +50,11 @@ int read_fragment_table_4(long long *dir
+ 			"fragment table index\n");
+ 
+ 	fragment_table = malloc(bytes);
+-	if(fragment_table == NULL)
++	if(fragment_table == NULL) {
++		free(fragment_table_index);
+ 		EXIT_UNSQUASH("read_fragment_table: failed to allocate "
+ 			"fragment table\n");
++	}
+ 
+ 	res = read_fs_bytes(fd, sBlk.s.fragment_table_start,
+ 		SQUASHFS_FRAGMENT_INDEX_BYTES(sBlk.s.fragments),
+@@ -60,7 +62,7 @@ int read_fragment_table_4(long long *dir
+ 	if(res == FALSE) {
+ 		ERROR("read_fragment_table: failed to read fragment table "
+ 			"index\n");
+-		return FALSE;
++		goto out;
+ 	}
+ 	SQUASHFS_INSWAP_FRAGMENT_INDEXES(fragment_table_index, indexes);
+ 
+@@ -75,7 +77,8 @@ int read_fragment_table_4(long long *dir
+ 		if(length == FALSE) {
+ 			ERROR("read_fragment_table: failed to read fragment "
+ 				"table index\n");
+-			return FALSE;
++			res = FALSE;
++			goto out;
+ 		}
+ 	}
+ 
+@@ -83,7 +86,10 @@ int read_fragment_table_4(long long *dir
+ 		SQUASHFS_INSWAP_FRAGMENT_ENTRY(&fragment_table[i]);
+ 
+ 	*directory_table_end = fragment_table_index[0];
+-	return TRUE;
++	res = TRUE;
++out:
++	free(fragment_table_index);
++	return res;
+ }
+ 
+ 
diff --git a/SOURCES/bz1624173.patch b/SOURCES/bz1624173.patch
new file mode 100644
index 0000000..8d1eff9
--- /dev/null
+++ b/SOURCES/bz1624173.patch
@@ -0,0 +1,11 @@
+--- a/squashfs-tools/Makefile	2019-07-24 13:52:09.552920269 -0400
++++ b/squashfs-tools/Makefile	2019-07-24 23:52:47.839665687 -0400
+@@ -107,6 +107,8 @@ XATTR_DEFAULT = 1
+ #        End of BUILD options section         #
+ ###############################################
+ 
++EXTRA_LDFLAGS += -z now -pie
++
+ INCLUDEDIR = -I.
+ INSTALL_DIR = /usr/local/bin
+ 
diff --git a/SOURCES/bz1716278.patch b/SOURCES/bz1716278.patch
new file mode 100644
index 0000000..bde0071
--- /dev/null
+++ b/SOURCES/bz1716278.patch
@@ -0,0 +1,21 @@
+--- a/squashfs-tools/mksquashfs.c	2019-08-06 11:03:34.071402614 -0400
++++ b/squashfs-tools/mksquashfs.c	2019-08-06 11:09:54.063340318 -0400
+@@ -267,6 +267,7 @@ pthread_mutex_t	pos_mutex = PTHREAD_MUTE
+ pthread_mutex_t	dup_mutex = PTHREAD_MUTEX_INITIALIZER;
+ 
+ /* user options that control parallelisation */
++#define MAX_CPUS 256
+ int processors = -1;
+ int bwriter_size;
+ 
+@@ -4124,6 +4125,10 @@ void initialise_threads(int readq, int f
+ #endif
+ 	}
+ 
++	/* Limit the number of processors we're going to use */
++	if(processors > MAX_CPUS)
++		processors = MAX_CPUS;
++
+ 	if(multiply_overflow(processors, 3) ||
+ 			multiply_overflow(processors * 3, sizeof(pthread_t)))
+ 		BAD_ERROR("Processors too large\n");
diff --git a/SPECS/squashfs-tools.spec b/SPECS/squashfs-tools.spec
index c19a9f5..287ab4e 100644
--- a/SPECS/squashfs-tools.spec
+++ b/SPECS/squashfs-tools.spec
@@ -1,7 +1,7 @@
 Summary: Utility for the creation of squashfs filesystems
 Name: squashfs-tools
 Version: 4.3
-Release: 17%{?dist}
+Release: 19%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 URL: http://squashfs.sourceforge.net/
@@ -27,6 +27,13 @@ Patch3:  cve-2015-4645.patch
 Patch4:  local-cve-fix.patch
 # rhbz 1611746
 Patch5:  mksquashfs-sysmacros-fix.patch
+# rhbz 1602698
+Patch6:  bz1602698.patch
+# rhbz 1624173
+Patch7: bz1624173.patch
+# rhbz 1716278
+Patch8: bz1716278.patch
+
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 BuildRequires: zlib-devel
 BuildRequires: xz-devel
@@ -46,6 +53,9 @@ contains the utilities for manipulating squashfs filesystems.
 %patch3 -p1
 %patch4 -p0
 %patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
 
 %build
 pushd squashfs-tools
@@ -72,6 +82,16 @@ rm -rf %{buildroot}
 %{_sbindir}/unsquashfs
 
 %changelog
+* Tue Aug 06 2019 Abhi Das <adas@redhat.com> - 4.3-19
+- rhbz#1602698 - Fix coverity issues
+  rhbz#1624173 - Fix annocheck failures
+  rhbz#1716278 - limit max cpus in mksquashfs
+  Resolves: rhbz#1602698, rhbz#1624173, rhbz#1716278
+
+* Tue Aug 06 2019 Abhi Das <adas@redhat.com> - 4.3-18
+- Add manual gating test
+  Resolves: rhbz#1682413
+
 * Mon Aug 20 2018 Josh Boyer <jwboyer@redhat.com> - 4.3-17
 - Fix build against glibc 2.28
   Resolves: rhbz#1611746