diff --git a/0010-pgm-fix-the-way-we-step-through-the-packet.patch b/0010-pgm-fix-the-way-we-step-through-the-packet.patch new file mode 100644 index 0000000..58584b0 --- /dev/null +++ b/0010-pgm-fix-the-way-we-step-through-the-packet.patch 
@@ -0,0 +1,154 @@ +From 9ce43fa1e06b1ac2ddf1630a0e90337136ea27c5 Mon Sep 17 00:00:00 2001 +From: Guy Harris +Date: Mon, 21 Aug 2023 23:15:14 -0700 +Subject: [PATCH] pgm: fix the way we step through the packet. + +Step past the PGM header after we finish processing it and before we +process the message-type-specific header. + +Step past the message-type-specific fixed-length header before we +process the stuff after that header. + +This makes the code a bit clearer (by explicitly advancing bp by the +size of the stuff we just processed, rather than doing so by trickery +involving adding 1 to a pointer to a structure), and fixes the +processing of message types that don't have a message-type-specific +header (where we weren't stepping past the PGM header). It also affects +the way we handle messages of an unknown type. + +(cherry picked from commit 9a3eebde95cf1032ac68ae4312e2db14bb1fe58d) +--- + print-pgm.c | 29 +++++++++++++++-------------- + tests/pgm_opts_asan.out | 2 +- + tests/pgm_opts_asan_2.out | 2 +- + tests/pgm_opts_asan_3.out | 2 +- + 4 files changed, 18 insertions(+), 17 deletions(-) + +diff --git a/print-pgm.c b/print-pgm.c +index ccb0b46a..8a7e215b 100644 +--- a/print-pgm.c ++++ b/print-pgm.c +@@ -220,13 +220,14 @@ pgm_print(netdissect_options *ndo, + pgm->pgm_gsid[3], + pgm->pgm_gsid[4], + pgm->pgm_gsid[5]); ++ bp += sizeof(struct pgm_header); + switch (pgm_type_val) { + case PGM_SPM: { + const struct pgm_spm *spm; + +- spm = (const struct pgm_spm *)(pgm + 1); ++ spm = (const struct pgm_spm *)bp; + ND_TCHECK_SIZE(spm); +- bp = (const u_char *) (spm + 1); ++ bp += sizeof(struct pgm_spm); + + switch (GET_BE_U_2(spm->pgms_nla_afi)) { + case AFNUM_INET: +@@ -256,9 +257,9 @@ pgm_print(netdissect_options *ndo, + const struct pgm_poll *pgm_poll; + uint32_t ivl, rnd, mask; + +- pgm_poll = (const struct pgm_poll *)(pgm + 1); ++ pgm_poll = (const struct pgm_poll *)bp; + ND_TCHECK_SIZE(pgm_poll); +- bp = (const u_char *) (pgm_poll + 1); ++ bp += sizeof(struct 
pgm_poll); + + switch (GET_BE_U_2(pgm_poll->pgmp_nla_afi)) { + case AFNUM_INET: +@@ -294,35 +295,35 @@ pgm_print(netdissect_options *ndo, + case PGM_POLR: { + const struct pgm_polr *polr_msg; + +- polr_msg = (const struct pgm_polr *)(pgm + 1); ++ polr_msg = (const struct pgm_polr *)bp; + ND_TCHECK_SIZE(polr_msg); + ND_PRINT("POLR seq %u round %u", + GET_BE_U_4(polr_msg->pgmp_seq), + GET_BE_U_2(polr_msg->pgmp_round)); +- bp = (const u_char *) (polr_msg + 1); ++ bp += sizeof(struct pgm_polr); + break; + } + case PGM_ODATA: { + const struct pgm_data *odata; + +- odata = (const struct pgm_data *)(pgm + 1); ++ odata = (const struct pgm_data *)bp; + ND_TCHECK_SIZE(odata); + ND_PRINT("ODATA trail %u seq %u", + GET_BE_U_4(odata->pgmd_trailseq), + GET_BE_U_4(odata->pgmd_seq)); +- bp = (const u_char *) (odata + 1); ++ bp += sizeof(struct pgm_data); + break; + } + + case PGM_RDATA: { + const struct pgm_data *rdata; + +- rdata = (const struct pgm_data *)(pgm + 1); ++ rdata = (const struct pgm_data *)bp; + ND_TCHECK_SIZE(rdata); + ND_PRINT("RDATA trail %u seq %u", + GET_BE_U_4(rdata->pgmd_trailseq), + GET_BE_U_4(rdata->pgmd_seq)); +- bp = (const u_char *) (rdata + 1); ++ bp += sizeof(struct pgm_data); + break; + } + +@@ -332,9 +333,9 @@ pgm_print(netdissect_options *ndo, + const struct pgm_nak *nak; + char source_buf[INET6_ADDRSTRLEN], group_buf[INET6_ADDRSTRLEN]; + +- nak = (const struct pgm_nak *)(pgm + 1); ++ nak = (const struct pgm_nak *)bp; + ND_TCHECK_SIZE(nak); +- bp = (const u_char *) (nak + 1); ++ bp += sizeof(struct pgm_nak); + + /* + * Skip past the source, saving info along the way +@@ -401,11 +402,11 @@ pgm_print(netdissect_options *ndo, + case PGM_ACK: { + const struct pgm_ack *ack; + +- ack = (const struct pgm_ack *)(pgm + 1); ++ ack = (const struct pgm_ack *)bp; + ND_TCHECK_SIZE(ack); + ND_PRINT("ACK seq %u", + GET_BE_U_4(ack->pgma_rx_max_seq)); +- bp = (const u_char *) (ack + 1); ++ bp += sizeof(struct pgm_ack); + break; + } + +diff --git 
a/tests/pgm_opts_asan.out b/tests/pgm_opts_asan.out +index 6cc9b065..7527bda3 100644 +--- a/tests/pgm_opts_asan.out ++++ b/tests/pgm_opts_asan.out +@@ -1,2 +1,2 @@ + 1 00:04:16.587271427 IP (tos 0x41,ECT(1), id 0, offset 0, flags [none], proto PGM (113), length 32639, options (unknown 89 [bad length 232]), bad cksum 5959 (->9eb9)!) +- 128.121.89.107 > 89.89.16.63: 128.121.89.107.4 > 89.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f OPTS LEN 225 OPT_1F [13] OPT_06 [26] PATH_NLA [4] [|pgm] ++ 128.121.89.107 > 89.89.16.63: 128.121.89.107.4 > 89.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f[Bad OPT_LENGTH option, length 0 != 4] +diff --git a/tests/pgm_opts_asan_2.out b/tests/pgm_opts_asan_2.out +index 1785a571..53830c85 100644 +--- a/tests/pgm_opts_asan_2.out ++++ b/tests/pgm_opts_asan_2.out +@@ -1,2 +1,2 @@ + 1 00:04:16.587271427 IP (tos 0x41,ECT(1), id 0, offset 0, flags [none], proto PGM (113), length 32639, options (unknown 89 [bad length 232]), bad cksum 5959 (->96b9)!) +- 128.121.89.107 > 89.89.16.63: 128.121.89.107.4 > 89.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f OPTS LEN 225 OPT_1F [13] OPT_06 [26] [Bad OPT_PGMCC_DATA option, length 4 < 12] ++ 128.121.89.107 > 89.89.16.63: 128.121.89.107.4 > 89.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f[Bad OPT_LENGTH option, length 0 != 4] +diff --git a/tests/pgm_opts_asan_3.out b/tests/pgm_opts_asan_3.out +index 2e35f2fa..b8864e29 100644 +--- a/tests/pgm_opts_asan_3.out ++++ b/tests/pgm_opts_asan_3.out +@@ -1,2 +1,2 @@ + 1 00:04:16.587271427 IP (tos 0x41,ECT(1), id 0, offset 0, flags [none], proto PGM (113), length 32639, options (unknown 89 [bad length 232]), bad cksum 5959 (->f814)!) 
+- 128.121.89.16 > 0.89.16.63: 128.121.89.16.4 > 0.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f OPTS LEN 225 OPT_1F [13] OPT_06 [26] [Bad OPT_REDIRECT option, length 4 < 8] ++ 128.121.89.16 > 0.89.16.63: 128.121.89.16.4 > 0.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f[Bad OPT_LENGTH option, length 0 != 4] +-- +2.41.0 + diff --git a/0011-pgm-don-t-advance-bp-by-the-option-haeder-length-twi.patch b/0011-pgm-don-t-advance-bp-by-the-option-haeder-length-twi.patch new file mode 100644 index 0000000..a0e379b --- /dev/null +++ b/0011-pgm-don-t-advance-bp-by-the-option-haeder-length-twi.patch @@ -0,0 +1,48 @@ +From 627a1b7fdceaad8745c438bb0037e59689a1f0df Mon Sep 17 00:00:00 2001 +From: Guy Harris +Date: Tue, 22 Aug 2023 12:23:20 -0700 +Subject: [PATCH] pgm: don't advance bp by the option haeder length twice. + +At those points, we've already advanced it by the option header length, +and opt_len includes that length, so advance bp by opt_len minus the +option header length. + +(cherry picked from commit 09b0447fad52298440e05e7368f9d24492d0b0fe) +--- + print-pgm.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/print-pgm.c b/print-pgm.c +index 8a7e215b..1e67db77 100644 +--- a/print-pgm.c ++++ b/print-pgm.c +@@ -661,7 +661,7 @@ pgm_print(netdissect_options *ndo, + + case PGM_OPT_PATH_NLA: + ND_PRINT(" PATH_NLA [%u]", opt_len); +- bp += opt_len; ++ bp += opt_len - 2; + opts_len -= opt_len; + break; + +@@ -703,7 +703,7 @@ pgm_print(netdissect_options *ndo, + + case PGM_OPT_CR: + ND_PRINT(" CR"); +- bp += opt_len; ++ bp += opt_len - 2; + opts_len -= opt_len; + break; + +@@ -807,7 +807,7 @@ pgm_print(netdissect_options *ndo, + + default: + ND_PRINT(" OPT_%02X [%u] ", opt_type, opt_len); +- bp += opt_len; ++ bp += opt_len - 2; + opts_len -= opt_len; + break; + } +-- +2.41.0 + diff --git a/tcpdump.spec b/tcpdump.spec index d5d836d..7603730 100644 --- a/tcpdump.spec +++ b/tcpdump.spec 
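Review bot: In each message-type case of print-pgm.c the bounds check and the pointer advance name the size independently, e.g. `ND_TCHECK_SIZE(spm);` followed by `bp += sizeof(struct pgm_spm);`, so a later edit to one can drift from the other without the compiler noticing (ODATA and RDATA already share `struct pgm_data`). Writing the advance as `bp += sizeof(*spm);`, and likewise `sizeof(*pgm_poll)`, `sizeof(*polr_msg)`, `sizeof(*nak)` and `sizeof(*ack)`, ties the step to the object that was just checked. Separately, the three updated expectations in tests/pgm_opts_asan*.out now all stop at `[Bad OPT_LENGTH option, length 0 != 4]`, so these captures no longer reach the PATH_NLA, OPT_PGMCC_DATA and OPT_REDIRECT handling shown in their old output. Adding captures that still reach those option handlers would keep that regression coverage. pgm_print's body starts and ends outside these hunks.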
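Review bot: The literal `2` in `bp += opt_len - 2;` (the PATH_NLA, CR and default cases) stands for the option header bytes that have already been stepped past, but only the commit message says so. A comment at the first use, such as `/* opt_len includes the option header we already advanced past */`, or a named constant for the header length, would keep the three sites from diverging. The subtraction is only safe if opt_len has been rejected when smaller than the header length before the switch. That check is not visible in these hunks, so it should be confirmed, because if opt_len is unsigned (as the `%u` format suggests) a smaller value would wrap and move bp far past the option. pgm_print's body starts and ends outside these hunks.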
@@ -2,7 +2,7 @@ Summary: A network traffic monitoring tool Name: tcpdump Epoch: 14 Version: 4.99.0 -Release: 7%{?dist} +Release: 8%{?dist} License: BSD with advertising URL: http://www.tcpdump.org Requires(pre): shadow-utils @@ -17,6 +17,8 @@ Patch0002: 0002-Use-getnameinfo-instead-of-gethostbyaddr.patch Patch0003: 0003-Drop-root-priviledges-before-opening-first-savefile-.patch Patch0007: 0007-Introduce-nn-option.patch Patch0009: 0009-Change-n-flag-to-nn-in-TESTonce.patch +Patch0010: 0010-pgm-fix-the-way-we-step-through-the-packet.patch +Patch0011: 0011-pgm-don-t-advance-bp-by-the-option-haeder-length-twi.patch %define tcpslice_dir tcpslice-1.3 @@ -81,6 +83,9 @@ exit 0 %{_mandir}/man8/tcpdump.8* %changelog +* Wed Nov 01 2023 Pavol Žáčik - 14:4.99.0-8 +- Resolves: RHEL-10714 - Fix PGM option printing + * Wed May 24 2023 Michal Ruprich - 14:4.99.0-7 - Resolves: #2188429 - enable GUESS_TSO for large packets