diff --git a/backport-lib-encrypt.c-Do-not-exit-in-error-case.patch b/backport-lib-encrypt.c-Do-not-exit-in-error-case.patch
new file mode 100644
index 0000000000000000000000000000000000000000..74c9eea434778e3419b72b2272e061e0e9414516
--- /dev/null
+++ b/backport-lib-encrypt.c-Do-not-exit-in-error-case.patch
@@ -0,0 +1,38 @@
+From aca4d6cc72e4f3b76b6fffdfabbbaf60f3cb3100 Mon Sep 17 00:00:00 2001
+From: hdliu <dev03108@linx-info.com>
+Date: Tue, 25 Mar 2025 14:54:19 +0800
+Subject: [PATCH 2/2] lib/encrypt.c: Do not exit in error case
+
+If crypt fails, pw_encrypt calls exit. This has the consequence that the
+plaintext password is not cleared.
+
+A valid password can fail if the underlying library does not support it.
+One such example is SHA512, for which the password must not be longer
+than 256 characters on musl. A password longer than this with glibc
+works, so it is actually possible that a user, running passwd, tries to
+enter the old password but the musl-based passwd binary simply exits.
+Let passwd clear the password before exiting.
+
+Reviewed-by: Alejandro Colomar <alx@kernel.org>
+Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+---
+ lib/encrypt.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/lib/encrypt.c b/lib/encrypt.c
+index 7fae31d..be1e03e 100644
+--- a/lib/encrypt.c
++++ b/lib/encrypt.c
+@@ -90,7 +90,8 @@
+ 		(void) fprintf (shadow_logfd,
+ 		                _("crypt method not supported by libcrypt? (%s)\n"),
+ 		                method);
+-		exit (EXIT_FAILURE);
++		errno = EINVAL;
++		return NULL;
+ 	}
+ 
+ 	if (strlen (cp) != 13) {
+-- 
+2.33.0
+
diff --git a/backport-src-gpasswd-Clear-password-in-more-cases.patch b/backport-src-gpasswd-Clear-password-in-more-cases.patch
new file mode 100644
index 0000000000000000000000000000000000000000..2e99b374d3b735953c3097dbca2eb02a7803c3ab
--- /dev/null
+++ b/backport-src-gpasswd-Clear-password-in-more-cases.patch
@@ -0,0 +1,37 @@
+From 7e961685a7ee00ab3530cb4cb85fb91070870c61 Mon Sep 17 00:00:00 2001
+From: hdliu <dev03108@linx-info.com>
+Date: Tue, 25 Mar 2025 15:31:42 +0800
+Subject: [PATCH 2/2] Clear password in more cases
+
+If encryption of password fails, clear the memory before exiting.
+
+Reviewed-by: Alejandro Colomar <alx@kernel.org>
+Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+
+Signed-off-by: hdliu <dev03108@linx-info.com>
+---
+ src/gpasswd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/gpasswd.c b/src/gpasswd.c
+index a17c881..e5888c1 100644
+--- a/src/gpasswd.c
++++ b/src/gpasswd.c
+@@ -943,13 +943,13 @@ static void change_passwd (struct group *gr)
+ 
+ 	salt = crypt_make_salt (NULL, NULL);
+ 	cp = pw_encrypt (pass, salt);
++	memzero (pass, sizeof pass);
+ 	if (NULL == cp) {
+ 		fprintf (stderr,
+ 		         _("%s: failed to crypt password with salt '%s': %s\n"),
+ 		         Prog, salt, strerror (errno));
+ 		exit (1);
+ 	}
+-	memzero (pass, sizeof pass);
+ #ifdef SHADOWGRP
+ 	if (is_shadowgrp) {
+ 		gr->gr_passwd = SHADOW_PASSWD_STRING;
+-- 
+2.33.0
+
diff --git a/backport-src-useradd.c-get_groups-Fix-memory-leak.patch b/backport-src-useradd.c-get_groups-Fix-memory-leak.patch
new file mode 100644
index 0000000000000000000000000000000000000000..ead3aa5abdffd599c94cfedf7a297abb8dd80f8f
--- /dev/null
+++ b/backport-src-useradd.c-get_groups-Fix-memory-leak.patch
@@ -0,0 +1,33 @@
+From 9bc6cf9ba0559e65bb95a00bbddb5e5d50117c59 Mon Sep 17 00:00:00 2001
+From: hdliu <dev03108@linx-info.com>
+Date: Tue, 25 Mar 2025 15:38:50 +0800
+Subject: [PATCH 2/2] get_groups(): Fix memory leak
+
+Signed-off-by: hdliu <dev03108@linx-info.com>
+---
+ src/useradd.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/src/useradd.c b/src/useradd.c
+index 779659f..cbcbb84 100644
+--- a/src/useradd.c
++++ b/src/useradd.c
+@@ -735,6 +735,15 @@ static int get_groups (char *list)
+ 	int errors = 0;
+ 	int ngroups = 0;
+ 
++	/*
++	 * Free previous group list before creating a new one.
++	 */
++	int i = 0;
++	while (NULL != user_groups[i]) {
++		free(user_groups[i]);
++		user_groups[i++] = NULL;
++	}
++
+ 	if ('\0' == *list) {
+ 		return 0;
+ 	}
+-- 
+2.33.0
+
diff --git a/shadow.spec b/shadow.spec
index f03a4d8ac177a65fd3214d70695a2fbeb70d1431..a19aa825911f55424c166fc181870bf75a474b35 100644
--- a/shadow.spec
+++ b/shadow.spec
@@ -1,6 +1,6 @@
 Name: shadow
 Version: 4.9
-Release: 16
+Release: 17
 Epoch: 2
 License: BSD and GPLv2+
 Summary: Tools for managing accounts and shadow password files
@@ -97,6 +97,10 @@ Patch77: backport-lib-btrfs-avoid-NULL-dereference.patch
 Patch78: backport-src-passwd.c-Switch-to-day-precision.patch
 Patch79: backport-src-passwd-add-overflow-check.patch 
 Patch80: backport-src-useradd-free-string.patch
+Patch81: backport-src-useradd.c-get_groups-Fix-memory-leak.patch
+Patch82: backport-src-gpasswd-Clear-password-in-more-cases.patch
+Patch83: backport-lib-encrypt.c-Do-not-exit-in-error-case.patch
+
 
 BuildRequires: gcc, libselinux-devel, audit-libs-devel, libsemanage-devel
 BuildRequires: libacl-devel, libattr-devel
@@ -266,6 +270,10 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la
 %{_mandir}/*/*
 
 %changelog
+* Tue Mar 25 2025 hdliu <dev03108@linx-info.com> - 2:4.9-17
+- backport patches from upstream
+
+
 * Sat Mar 16 2024 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 2:4.9-16
 - backport some patches