diff --git a/patches/isdn-utils/isdn4k-utils-3.27_20151118.patch b/patches/isdn-utils/isdn4k-utils-3.27_20151118.patch
new file mode 100644
index 0000000..62eb901
--- /dev/null
+++ b/patches/isdn-utils/isdn4k-utils-3.27_20151118.patch
@@ -0,0 +1,116 @@
+diff -Naur isdn4k-utils-3.27_20151118-orig/ipppd/auth.c isdn4k-utils-3.27_20151118/ipppd/auth.c
+--- isdn4k-utils-3.27_20151118-orig/ipppd/auth.c	2015-11-18 16:45:08.000000000 +0100
++++ isdn4k-utils-3.27_20151118/ipppd/auth.c	2019-03-20 11:33:58.888350479 +0100
+@@ -1087,10 +1087,6 @@
+ 	struct netent *np;
+ 	struct wordlist *addrs;
+ 
+-	/* don't allow loopback or multicast address */
+-	if (bad_ip_adrs(addr))
+-		return 0;
+-
+ 	if ((addrs = lns[unit].addresses) == NULL)
+ 		return 1;                /* no restriction */
+ 
+@@ -1155,18 +1151,6 @@
+ }
+ 
+ /*
+- * bad_ip_adrs - return 1 if the IP address is one we don't want
+- * to use, such as an address in the loopback net or a multicast address.
+- * addr is in network byte order.
+- */
+-int bad_ip_adrs(u_int32_t addr)
+-{
+-	addr = ntohl(addr);
+-	return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET
+-		|| IN_MULTICAST(addr) || IN_BADCLASS(addr);
+-}
+-
+-/*
+  * check_access - complain if a secret file has too-liberal permissions.
+  */
+ void check_access(FILE *f,char *filename)
+diff -Naur isdn4k-utils-3.27_20151118-orig/ipppd/ipppd.h isdn4k-utils-3.27_20151118/ipppd/ipppd.h
+--- isdn4k-utils-3.27_20151118-orig/ipppd/ipppd.h	2015-11-18 16:45:08.000000000 +0100
++++ isdn4k-utils-3.27_20151118/ipppd/ipppd.h	2019-03-20 11:35:25.664444914 +0100
+@@ -290,7 +290,6 @@
+ void ipcp_freeunit(int);
+ void lcp_freeunit(int);
+ char *ip_ntoa(u_int32_t);
+-int bad_ip_adrs(u_int32_t);
+ int getword(FILE *,char *,int *,char *);
+ void print_string(char *p,int len,void (*printer)(void *,char *,...),void *arg);
+ int auth_ip_addr(int unit,u_int32_t addr);
+diff -Naur isdn4k-utils-3.27_20151118-orig/ipppd/options.c isdn4k-utils-3.27_20151118/ipppd/options.c
+--- isdn4k-utils-3.27_20151118-orig/ipppd/options.c	2015-11-18 16:45:08.000000000 +0100
++++ isdn4k-utils-3.27_20151118/ipppd/options.c	2019-03-20 11:35:02.084147514 +0100
+@@ -1633,10 +1633,6 @@
+ 		}
+ 	    }
+ 	}
+-	if (bad_ip_adrs(local)) {
+-	    fprintf(stderr, "bad local IP address %s\n", ip_ntoa(local));
+-	    return -1;
+-	}
+ 	if (local != 0)
+ 	{
+ 	    wo->ouraddr = local;
+@@ -1663,10 +1659,6 @@
+ 		}
+ 	    }
+ 	}
+-	if (bad_ip_adrs(remote)) {
+-	    fprintf(stderr, "bad remote IP address %s\n", ip_ntoa(remote));
+-	    return -1;
+-	}
+ 	if (remote != 0)
+ 	{
+ 	    wo->hisaddr = remote;
+@@ -1732,7 +1724,7 @@
+       if ((hp = gethostbyname(hostname)) == NULL)
+ 	return;
+       local = *(u_int32_t *)hp->h_addr;
+-      if (local != 0 && !bad_ip_adrs(local))
++      if (local != 0)
+ 	wo->ouraddr = local;
+     }
+ }
+diff -Naur isdn4k-utils-3.27_20151118-orig/ipppd/radius.c isdn4k-utils-3.27_20151118/ipppd/radius.c
+--- isdn4k-utils-3.27_20151118-orig/ipppd/radius.c	2015-11-18 16:45:08.000000000 +0100
++++ isdn4k-utils-3.27_20151118/ipppd/radius.c	2019-03-20 11:35:21.787396015 +0100
+@@ -26,7 +26,6 @@
+ #include "pathnames.h"
+ 
+ char *ip_ntoa __P((u_int32_t));
+-int	bad_ip_adrs __P((u_int32_t));
+ char	username_realm[255];
+ char    radius_user[MAXNAMELEN];
+ char 	*make_username_realm ( char * );
+@@ -161,15 +160,6 @@
+ 			if ((remote != 0xfffffffe) && (remote != 0xffffffff)) 
+ 			{
+ 				remote = htonl(remote);
+-				if (bad_ip_adrs (remote))
+-				{
+-					syslog (LOG_ERR, 
+-						"RADIUS bad remote IP address %s for %s in %s", 
+-						ip_ntoa (remote), 
+-						radius_user,
+-						func );
+-					return (-1);
+-				}
+ 				wo->hisaddr = remote;
+ 				syslog (LOG_DEBUG,
+               				"Assigned remote static IP %s in %s",
+diff -Naur isdn4k-utils-3.27_20151118-orig/ipppd/sys-linux.c isdn4k-utils-3.27_20151118/ipppd/sys-linux.c
+--- isdn4k-utils-3.27_20151118-orig/ipppd/sys-linux.c	2015-11-18 16:45:08.000000000 +0100
++++ isdn4k-utils-3.27_20151118/ipppd/sys-linux.c	2019-03-20 11:35:13.779295015 +0100
+@@ -1199,7 +1199,6 @@
+ 	}
+ 	nmask = htonl(nmask);
+ 
+-	/* class D nets are disallowed by bad_ip_adrs */
+ 	mask = netmask | nmask;
+ 
+ 	if (ifs == (void *) 0) {
diff --git a/patches/ppp/ppp-2.4.7.patch b/patches/ppp/ppp-2.4.7.patch
new file mode 100644
index 0000000..c6a2f74
--- /dev/null
+++ b/patches/ppp/ppp-2.4.7.patch
@@ -0,0 +1,115 @@
+diff -Naur ppp-2.4.7-orig/pppd/auth.c ppp-2.4.7/pppd/auth.c
+--- ppp-2.4.7-orig/pppd/auth.c	2019-03-20 11:42:28.592600096 +0100
++++ ppp-2.4.7/pppd/auth.c	2019-03-20 11:44:20.838152905 +0100
+@@ -2071,10 +2071,6 @@
+ {
+     int ok;
+ 
+-    /* don't allow loopback or multicast address */
+-    if (bad_ip_adrs(addr))
+-	return 0;
+-
+     if (allowed_address_hook) {
+ 	ok = allowed_address_hook(addr);
+ 	if (ok >= 0) return ok;
+@@ -2102,20 +2098,6 @@
+ }
+ 
+ /*
+- * bad_ip_adrs - return 1 if the IP address is one we don't want
+- * to use, such as an address in the loopback net or a multicast address.
+- * addr is in network byte order.
+- */
+-int
+-bad_ip_adrs(addr)
+-    u_int32_t addr;
+-{
+-    addr = ntohl(addr);
+-    return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET
+-	|| IN_MULTICAST(addr) || IN_BADCLASS(addr);
+-}
+-
+-/*
+  * some_ip_ok - check a wordlist to see if it authorizes any
+  * IP address(es).
+  */
+diff -Naur ppp-2.4.7-orig/pppd/ipcp.c ppp-2.4.7/pppd/ipcp.c
+--- ppp-2.4.7-orig/pppd/ipcp.c	2014-08-09 14:31:39.000000000 +0200
++++ ppp-2.4.7/pppd/ipcp.c	2019-03-20 11:45:00.529475366 +0100
+@@ -444,10 +444,6 @@
+ 	    }
+ 	    local = *(u_int32_t *)hp->h_addr;
+ 	}
+-	if (bad_ip_adrs(local)) {
+-	    option_error("bad local IP address %s", ip_ntoa(local));
+-	    return 0;
+-	}
+ 	if (local != 0)
+ 	    wo->ouraddr = local;
+ 	*colon = ':';
+@@ -467,10 +463,6 @@
+ 	    if (remote_name[0] == 0)
+ 		strlcpy(remote_name, colon, sizeof(remote_name));
+ 	}
+-	if (bad_ip_adrs(remote)) {
+-	    option_error("bad remote IP address %s", ip_ntoa(remote));
+-	    return 0;
+-	}
+ 	if (remote != 0)
+ 	    wo->hisaddr = remote;
+ 	prio_remote = option_priority;
+@@ -1724,7 +1716,7 @@
+ 	wo->accept_local = 1;	/* don't insist on this default value */
+ 	if ((hp = gethostbyname(hostname)) != NULL) {
+ 	    local = *(u_int32_t *)hp->h_addr;
+-	    if (local != 0 && !bad_ip_adrs(local))
++	    if (local != 0)
+ 		wo->ouraddr = local;
+ 	}
+     }
+diff -Naur ppp-2.4.7-orig/pppd/multilink.c ppp-2.4.7/pppd/multilink.c
+--- ppp-2.4.7-orig/pppd/multilink.c	2019-03-20 11:42:28.593600091 +0100
++++ ppp-2.4.7/pppd/multilink.c	2019-03-20 11:45:27.802685492 +0100
+@@ -456,7 +456,7 @@
+ 	hp = gethostbyname(hostname);
+ 	if (hp != NULL) {
+ 		addr = *(u_int32_t *)hp->h_addr;
+-		if (!bad_ip_adrs(addr)) {
++		{
+ 			addr = ntohl(addr);
+ 			if (!LOCAL_IP_ADDR(addr)) {
+ 				ep->class = EPD_IP;
+diff -Naur ppp-2.4.7-orig/pppd/pppd.h ppp-2.4.7/pppd/pppd.h
+--- ppp-2.4.7-orig/pppd/pppd.h	2019-03-20 11:42:28.587600118 +0100
++++ ppp-2.4.7/pppd/pppd.h	2019-03-20 11:45:32.180719223 +0100
+@@ -580,8 +580,6 @@
+ int  auth_ip_addr __P((int, u_int32_t));
+ 				/* check if IP address is authorized */
+ int  auth_number __P((void));	/* check if remote number is authorized */
+-int  bad_ip_adrs __P((u_int32_t));
+-				/* check if IP address is unreasonable */
+ 
+ /* Procedures exported from demand.c */
+ void demand_conf __P((void));	/* config interface(s) for demand-dial */
+diff -Naur ppp-2.4.7-orig/pppd/sys-linux.c ppp-2.4.7/pppd/sys-linux.c
+--- ppp-2.4.7-orig/pppd/sys-linux.c	2019-03-20 11:42:28.594600087 +0100
++++ ppp-2.4.7/pppd/sys-linux.c	2019-03-20 11:45:35.681746196 +0100
+@@ -2007,7 +2007,6 @@
+     else
+ 	    nmask = IN_CLASSC_NET;
+ 
+-    /* class D nets are disallowed by bad_ip_adrs */
+     mask = netmask | htonl(nmask);
+ /*
+  * Scan through the system's network interfaces.
+diff -Naur ppp-2.4.7-orig/pppd/sys-solaris.c ppp-2.4.7/pppd/sys-solaris.c
+--- ppp-2.4.7-orig/pppd/sys-solaris.c	2014-08-09 14:31:39.000000000 +0200
++++ ppp-2.4.7/pppd/sys-solaris.c	2019-03-20 11:45:38.623768863 +0100
+@@ -2406,7 +2406,6 @@
+ 	nmask = IN_CLASSB_NET;
+     else
+ 	nmask = IN_CLASSC_NET;
+-    /* class D nets are disallowed by bad_ip_adrs */
+     mask = netmask | htonl(nmask);
+ 
+     /*
diff --git a/patches/pureftpd/pure-ftpd-1.0.46.patch b/patches/pureftpd/pure-ftpd-1.0.46.patch
new file mode 100644
index 0000000..f80a286
--- /dev/null
+++ b/patches/pureftpd/pure-ftpd-1.0.46.patch
@@ -0,0 +1,24 @@
+diff -Naur pure-ftpd-1.0.47-orig/src/ftpd.c pure-ftpd-1.0.47/src/ftpd.c
+--- pure-ftpd-1.0.47-orig/src/ftpd.c	2019-03-20 11:04:49.802145290 +0100
++++ pure-ftpd-1.0.47/src/ftpd.c	2019-03-20 11:24:10.819954082 +0100
+@@ -530,17 +530,15 @@
+     return 1;
+ #endif
+     if (STORAGE_FAMILY(*addr) == AF_INET6) {
+-        if (IN6_IS_ADDR_MULTICAST(&STORAGE_SIN_ADDR6_NF(*addr)) ||
+-            IN6_IS_ADDR_UNSPECIFIED(&STORAGE_SIN_ADDR6_NF(*addr))) {
++        if (IN6_IS_ADDR_UNSPECIFIED(&STORAGE_SIN_ADDR6_NF(*addr))) {
+             return 0;
+         }
+         return 1;
+     } else if (STORAGE_FAMILY(*addr) == AF_INET) {
+         if (ntohl(STORAGE_SIN_ADDR(*addr)) == INADDR_ANY ||
+             ntohl(STORAGE_SIN_ADDR(*addr)) == INADDR_NONE ||
+-            ntohl(STORAGE_SIN_ADDR(*addr)) == INADDR_BROADCAST ||
+-            IN_MULTICAST(ntohl(STORAGE_SIN_ADDR(*addr))) ||
+-            IN_BADCLASS(ntohl(STORAGE_SIN_ADDR(*addr)))) {
++            ntohl(STORAGE_SIN_ADDR(*addr)) == INADDR_BROADCAST
++            ) {
+             return 0;
+         }
+         return 1;