diff --git a/patch-coverity-leak.patch b/patch-coverity-leak.patch
new file mode 100644
index 0000000..040bb79
--- /dev/null
+++ b/patch-coverity-leak.patch
@@ -0,0 +1,15 @@
+diff -up patch-2.6.1/gl/lib/hash.c.coverity-leak patch-2.6.1/gl/lib/hash.c
+--- patch-2.6.1/gl/lib/hash.c.coverity-leak	2009-11-02 19:09:57.000000000 +0000
++++ patch-2.6.1/gl/lib/hash.c	2011-05-16 15:13:49.231998981 +0100
+@@ -857,7 +857,10 @@ hash_rehash (Hash_table *table, size_t c
+ 		  struct hash_entry *new_entry = allocate_entry (new_table);
+ 
+ 		  if (new_entry == NULL)
+-		    return false;
++		    {
++		      free (new_table);
++		      return false;
++		    }
+ 
+ 		  new_entry->data = data;
+ 		  new_entry->next = new_bucket->next;
diff --git a/patch.spec b/patch.spec
index 8bbb30a..0a9d18a 100644
--- a/patch.spec
+++ b/patch.spec
@@ -10,6 +10,7 @@ Patch1: patch-2.5.4-sigsegv.patch
 Patch2: patch-get-arg.patch
 Patch3: patch-CVE-2010-4651.patch
 Patch4: patch-backup-if-mismatch.patch
+Patch5: patch-coverity-leak.patch
 Patch100: patch-selinux.patch
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -43,6 +44,9 @@ applications.
 # Let --posix cause --no-backup-if-mismatch (bug #678016).
 %patch4 -p1 -b .backup-if-mismatch
 
+# Fix memory leak (bug #704554).
+%patch5 -p1 -b .coverity-leak
+
 # SELinux support.
 %patch100 -p1 -b .selinux
 
@@ -71,6 +75,11 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/*/*
 
 %changelog
+* Mon May 16 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-10
+- Applied Jiri Popelka's fixes from Coverity scan (bug #704554):
+  - Avoid unchecked return from getfilecon() in patch-selinux.patch.
+  - Fix memory leak.
+
 * Wed Feb 16 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-9
 - Let --posix cause --no-backup-if-mismatch (bug #678016).