diff --git a/0001-git-svn-control-destruction-order-to-avoid-segfault.patch b/0001-git-svn-control-destruction-order-to-avoid-segfault.patch
new file mode 100644
index 0000000..8518dd5
--- /dev/null
+++ b/0001-git-svn-control-destruction-order-to-avoid-segfault.patch
@@ -0,0 +1,40 @@
+From 7f6f75e97acd25f8e95ce431e16d2e1c2093845d Mon Sep 17 00:00:00 2001
+From: Eric Wong
+Date: Mon, 29 Jan 2018 23:11:07 +0000
+Subject: [PATCH] git-svn: control destruction order to avoid segfault
+
+It seems necessary to control destruction ordering to avoid a
+segfault with SVN 1.9.5 when using "git svn branch". I've also
+reported the problem against libsvn-perl to Debian [Bug #888791],
+but releasing the SVN::Client instance can be beneficial anyways to
+save memory.
+
+ref: https://bugs.debian.org/888791
+Tested-by: Todd Zullinger
+Reported-by: brian m. carlson
+Signed-off-by: Eric Wong
+Signed-off-by: Junio C Hamano
+Signed-off-by: Todd Zullinger
+---
+ git-svn.perl | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/git-svn.perl b/git-svn.perl
+index aa242d4f4f..b012980246 100755
+--- a/git-svn.perl
++++ b/git-svn.perl
+@@ -1199,6 +1199,11 @@ sub cmd_branch {
+ $ctx->copy($src, $rev, $dst)
+ unless $_dry_run;
+
++ # Release resources held by ctx before creating another SVN::Ra
++ # so destruction is orderly. This seems necessary with SVN 1.9.5
++ # to avoid segfaults.
++ $ctx = undef;
++
+ $gs->fetch_all;
+ }
+
+--
+2.16.1
+
diff --git a/0001-rev-parse-check-lookup-ed-commit-references-for-NULL.patch b/0001-rev-parse-check-lookup-ed-commit-references-for-NULL.patch
new file mode 100644
index 0000000..0c685e4
--- /dev/null
+++ b/0001-rev-parse-check-lookup-ed-commit-references-for-NULL.patch
@@ -0,0 +1,72 @@
+From b03b51f889272622a3859a3765f1e7d1175b2346 Mon Sep 17 00:00:00 2001
+From: Elijah Newren
+Date: Wed, 23 May 2018 23:27:33 -0700
+Subject: [PATCH] rev-parse: check lookup'ed commit references for NULL
+
+Commits 2122f8b963d4 ("rev-parse: Add support for the ^! and ^@ syntax",
+2008-07-26) and 3dd4e7320d ("Teach rev-parse the ... syntax.", 2006-07-04)
+taught rev-parse new syntax, and used lookup_commit_reference() as part of
+their logic. Neither usage checked the returned commit to see if it was
+non-NULL before using it. Check for NULL and ensure an appropriate error
+is reported to the user.
+
+Reported by Florian Weimer and Todd Zullinger.
+
+Helped-by: Jeff King
+Signed-off-by: Elijah Newren
+Signed-off-by: Todd Zullinger
+---
+ builtin/rev-parse.c | 8 ++++++--
+ t/t6101-rev-parse-parents.sh | 8 ++++++++
+ 2 files changed, 14 insertions(+), 2 deletions(-)
+
+diff --git a/builtin/rev-parse.c b/builtin/rev-parse.c
+index 7f965fe74e..fd8e52c7b7 100644
+--- a/builtin/rev-parse.c
++++ b/builtin/rev-parse.c
+@@ -282,6 +282,10 @@ static int try_difference(const char *arg)
+ struct commit *a, *b;
+ a = lookup_commit_reference(&oid);
+ b = lookup_commit_reference(&end);
++ if (!a || !b) {
++ *dotdot = '.';
++ return 0;
++ }
+ exclude = get_merge_bases(a, b);
+ while (exclude) {
+ struct commit *commit = pop_commit(&exclude);
+@@ -328,12 +332,12 @@ static int try_parent_shorthands(const char *arg)
+ return 0;
+
+ *dotdot = 0;
+- if (get_sha1_committish(arg, oid.hash)) {
++ if (get_sha1_committish(arg, oid.hash) ||
++ !(commit = lookup_commit_reference(&oid))) {
+ *dotdot = '^';
+ return 0;
+ }
+
+- commit = lookup_commit_reference(&oid);
+ if (exclude_parent &&
+ exclude_parent > commit_list_count(commit->parents)) {
+ *dotdot = '^';
+diff --git a/t/t6101-rev-parse-parents.sh b/t/t6101-rev-parse-parents.sh
+index 8c617981a3..7683e4a114 100755
+--- a/t/t6101-rev-parse-parents.sh
++++ b/t/t6101-rev-parse-parents.sh
+@@ -214,4 +214,12 @@ test_expect_success 'rev-list merge^-1x (garbage after ^-1)' '
+ test_must_fail git rev-list merge^-1x
+ '
+
++test_expect_success 'rev-parse $garbage^@ does not segfault' '
++ test_must_fail git rev-parse $EMPTY_TREE^@
++'
++
++test_expect_success 'rev-parse $garbage...$garbage does not segfault' '
++ test_must_fail git rev-parse $EMPTY_TREE...$EMPTY_BLOB
++'
++
+ test_done
+--
+2.17.0
+
diff --git a/0001-revision-quit-pruning-diff-more-quickly-when-possibl.patch b/0001-revision-quit-pruning-diff-more-quickly-when-possibl.patch
new file mode 100644
index 0000000..9d428cf
--- /dev/null
+++ b/0001-revision-quit-pruning-diff-more-quickly-when-possibl.patch
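Review bot: The two tests added to t6101 exercise `^@` and `...`, but not the `^!` form that the commit message names alongside `^@`, although the NULL check added in try_parent_shorthands() is what protects it. A third case, `test_must_fail git rev-parse $EMPTY_TREE^!`, would pin that path against regressions in later rebases of this backport. In try_difference() the new `if (!a || !b)` block sits after both lookups; the code before the hunk is not visible, so it is worth confirming that nothing has been printed for the two endpoints before this early `return 0`. Both C functions begin and end outside their hunks.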
@@ -0,0 +1,129 @@ +From fffa73135ec366040b4570e386736afcd9fc4715 Mon Sep 17 00:00:00 2001 +From: Jeff King +Date: Fri, 13 Oct 2017 11:27:45 -0400 +Subject: [PATCH] revision: quit pruning diff more quickly when possible + +When the revision traversal machinery is given a pathspec, +we must compute the parent-diff for each commit to determine +which ones are TREESAME. We set the QUICK diff flag to avoid +looking at more entries than we need; we really just care +whether there are any changes at all. + +But there is one case where we want to know a bit more: if +--remove-empty is set, we care about finding cases where the +change consists only of added entries (in which case we may +prune the parent in try_to_simplify_commit()). To cover that +case, our file_add_remove() callback does not quit the diff +upon seeing an added entry; it keeps looking for other types +of entries. + +But this means when --remove-empty is not set (and it is not +by default), we compute more of the diff than is necessary. +You can see this in a pathological case where a commit adds +a very large number of entries, and we limit based on a +broad pathspec. E.g.: + + perl -e ' + chomp(my $blob = `git hash-object -w --stdin remove_empty_trees. This callback parameter could be +passed to the "add_remove" and "change" callbacks, but +there's not much point. They already receive the +diff_options struct, and doing it this way avoids having to +update the function signature of the other callbacks +(arguably the format_callback and output_prefix functions +could benefit from the same simplification). 
+
+Signed-off-by: Jeff King
+Signed-off-by: Junio C Hamano
+(cherry picked from commit a937b37e766479c8e780b17cce9c4b252fd97e40)
+---
+ diff.h | 1 +
+ revision.c | 16 +++++++++++++---
+ 2 files changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/diff.h b/diff.h
+index 2d442e296f..142a2f24f2 100644
+--- a/diff.h
++++ b/diff.h
+@@ -180,6 +180,7 @@ struct diff_options {
+ pathchange_fn_t pathchange;
+ change_fn_t change;
+ add_remove_fn_t add_remove;
++ void *change_fn_data;
+ diff_format_fn_t format_callback;
+ void *format_callback_data;
+ diff_prefix_fn_t output_prefix;
+diff --git a/revision.c b/revision.c
+index 7da0907c85..1770f9ec33 100644
+--- a/revision.c
++++ b/revision.c
+@@ -392,8 +392,16 @@ static struct commit *one_relevant_parent(const struct rev_info *revs,
+ * if the whole diff is removal of old data, and otherwise
+ * REV_TREE_DIFFERENT (of course if the trees are the same we
+ * want REV_TREE_SAME).
+- * That means that once we get to REV_TREE_DIFFERENT, we do not
+- * have to look any further.
++ *
++ * The only time we care about the distinction is when
++ * remove_empty_trees is in effect, in which case we care only about
++ * whether the whole change is REV_TREE_NEW, or if there's another type
++ * of change. Which means we can stop the diff early in either of these
++ * cases:
++ *
++ * 1. We're not using remove_empty_trees at all.
++ *
++ * 2. We saw anything except REV_TREE_NEW.
+ */
+ static int tree_difference = REV_TREE_SAME;
+
+@@ -404,9 +412,10 @@ static void file_add_remove(struct diff_options *options,
+ const char *fullpath, unsigned dirty_submodule)
+ {
+ int diff = addremove == '+' ?
REV_TREE_NEW : REV_TREE_OLD; ++ struct rev_info *revs = options->change_fn_data; + + tree_difference |= diff; +- if (tree_difference == REV_TREE_DIFFERENT) ++ if (!revs->remove_empty_trees || tree_difference != REV_TREE_NEW) + DIFF_OPT_SET(options, HAS_CHANGES); + } + +@@ -1345,6 +1354,7 @@ void init_revisions(struct rev_info *revs, const char *prefix) + DIFF_OPT_SET(&revs->pruning, QUICK); + revs->pruning.add_remove = file_add_remove; + revs->pruning.change = file_change; ++ revs->pruning.change_fn_data = revs; + revs->sort_order = REV_SORT_IN_GRAPH_ORDER; + revs->dense = 1; + revs->prefix = prefix; +-- +2.15.0 + diff --git a/git.spec b/git.spec index 62ef4fc..2ff3c6c 100644 --- a/git.spec +++ b/git.spec @@ -44,7 +44,7 @@ %endif Name: git -Version: 2.14.3 +Version: 2.14.5 Release: 1%{?dist} Summary: Fast Version Control System License: GPLv2 @@ -76,6 +76,17 @@ Patch0: git-1.8-gitweb-home-link.patch # https://bugzilla.redhat.com/490602 Patch1: git-cvsimport-Ignore-cvsps-2.2b1-Branches-output.patch +# https://bugzilla.redhat.com/1510455 (CVE-2017-15298) +# https://github.com/git/git/commit/a937b37e76 +Patch2: 0001-revision-quit-pruning-diff-more-quickly-when-possibl.patch + +# https://github.com/git/git/commit/7f6f75e97a +Patch3: 0001-git-svn-control-destruction-order-to-avoid-segfault.patch + +# https://bugzilla.redhat.com/1581678 +# https://public-inbox.org/git/20180524062733.5412-1-newren@gmail.com/ +Patch4: 0001-rev-parse-check-lookup-ed-commit-references-for-NULL.patch + BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %if ! 0%{?_without_docs} @@ -346,6 +357,9 @@ rm -rf "$tar" "$gpghome" # Cleanup tar files and tmp gpg home dir %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 # Remove git-archimport from command list sed -i '/^git-archimport/d' command-list.txt 
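Review bot: file_add_remove() now dereferences `options->change_fn_data` unconditionally, and the only assignment visible is `revs->pruning.change_fn_data = revs;` in init_revisions(), which stores a pointer to the enclosing struct inside itself. If a `rev_info` is ever copied by value after init_revisions(), the copy's `pruning.change_fn_data` would still point at the original object, so the callback would read `remove_empty_trees` from the wrong, possibly dead, struct. Whether such copies exist is not visible in this patch and should be checked in the 2.14 tree before carrying the backport. The new `void *change_fn_data;` member in diff.h is also undocumented; a comment such as `/* data for the change and add_remove callbacks, read from the diff_options they receive */` would state who owns it. Both functions continue outside their hunks.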
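Review bot: Patch4's comment cites a Bugzilla entry and a mailing-list post but no upstream commit, unlike Patch2 and Patch3, which each link `https://github.com/git/git/commit/…`. For a carried fix the commit reference is what lets a later rebase confirm that the patch can be dropped. Once the change has an upstream commit, add `# https://github.com/git/git/commit/<upstream-commit-id>` above the `Patch4:` line.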
@@ -408,6 +422,8 @@ make -C contrib/credential/libsecret/ %endif make -C contrib/credential/netrc/ +make -C contrib/diff-highlight/ + make -C contrib/subtree/ # Remove shebang from bash-completion script @@ -465,6 +481,11 @@ find %{buildroot} -type f -name perllocal.pod -exec rm -f {} ';' # Clean up contrib/credential to avoid cruft in the git-core-doc docdir rm -rf contrib/credential +# install contrib/diff-highlight and clean up to avoid cruft in git-core-doc +install -Dpm 0755 contrib/diff-highlight/diff-highlight \ + %{buildroot}%{_datadir}/git-core/contrib/diff-highlight +rm -rf contrib/diff-highlight/{Makefile,diff-highlight,*.perl,t} + # Clean up contrib/subtree to avoid cruft in the git-core-doc docdir rm -rf contrib/subtree/{INSTALL,Makefile,git-subtree{,.{1,html,sh,txt,xml}},t} @@ -600,6 +621,7 @@ rm -rf %{buildroot} %{elispdir} %{_emacs_sitestartdir}/git-init.el %endif +%{_datadir}/git-core/contrib/diff-highlight %{_datadir}/git-core/contrib/hooks/update-paranoid %{_datadir}/git-core/contrib/hooks/setgitperms.perl @@ -609,7 +631,8 @@ rm -rf %{buildroot} # be used elsewhere %{!?_licensedir:%global license %doc} %license COPYING -# exlude is best way here because of troubels with symlinks inside git-core/ +# exclude is best way here because of troubles with symlinks inside git-core/ +%exclude %{_datadir}/git-core/contrib/diff-highlight %exclude %{_datadir}/git-core/contrib/hooks/update-paranoid %exclude %{_datadir}/git-core/contrib/hooks/setgitperms.perl %{bashcomproot} 
@@ -730,6 +753,23 @@ rm -rf %{buildroot} # No files for you! %changelog +* Fri Oct 05 2018 Todd Zullinger - 2.14.5-1 +- Update to 2.14.5 (CVE-2018-17456) + +* Tue May 29 2018 Todd Zullinger - 2.14.4-1 +- Update to 2.14.4 (CVE-2018-11233, CVE-2018-11235) + +* Thu May 24 2018 Todd Zullinger - 2.14.3-4 +- Fix segfault in rev-parse with invalid input (#1581678) +- Install contrib/diff-highlight (#1550251) + +* Fri Feb 16 2018 Todd Zullinger - 2.14.3-3 +- git-svn: avoid segfaults in 'git svn branch' + +* Tue Nov 07 2017 Todd Zullinger - 2.14.3-2 +- Fix git-clone memory exhaustion (CVE-2017-15298) + Resolves: #1510455, #1510457 + * Mon Oct 23 2017 Todd Zullinger - 2.14.3-1 - Update to 2.14.3 diff --git a/sources b/sources index 9477487..f10aaab 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (git-2.14.3.tar.xz) = e32e9ff904cbc2a77d78ca08953e3b69ac527c333a898dd053806e3d7e684ad4ae153ae7663b7ff9c16e2414c3189878a2e6c95fe9320b4af6cb1e7fa5102643 -SHA512 (git-2.14.3.tar.sign) = e0b6ab097cb12202fe033fd898a9063b78ac9f650161e24ef059057b3606100d8a847b2b48c7a07ab79af5d46f2ed0193af3d1f6da723851752ba1383d2c483d +SHA512 (git-2.14.5.tar.xz) = cd87ed857e0340cb95e7fd8adb19adc1fa51c80134be3b08fc5fb8846f5ef88bacf322d3a576ae35e5df9febfee7d8b337c48a4af7b6c98bcf30c8ce1cfc5308 +SHA512 (git-2.14.5.tar.sign) = 7df316948726f49443c141c8576a2f50f1909cf60d151952d0b1c29ccf1c9490ccdc004aa6c814319712ee7e8b7215846c8fe4a6752bf0a5accf8e8bfd2c5e44