diff --git a/.gitignore b/.gitignore
index 560e500..c0793ce 100644
--- a/.gitignore
+++ b/.gitignore
@@ -13,3 +13,4 @@ rsyslog-4.6.3.tar.gz
 /rsyslog-7.2.4.tar.gz
 /rsyslog-7.2.5.tar.gz
 /rsyslog-7.3.9.tar.gz
+/rsyslog-7.3.10.tar.gz
diff --git a/rsyslog-5.8.11-enlarge-cert-info-bufs.patch b/rsyslog-5.8.11-enlarge-cert-info-bufs.patch
deleted file mode 100644
index a53e272..0000000
--- a/rsyslog-5.8.11-enlarge-cert-info-bufs.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-diff -up rsyslog-5.8.11/runtime/nsd_gtls.c.orig rsyslog-5.8.11/runtime/nsd_gtls.c
---- rsyslog-5.8.11/runtime/nsd_gtls.c.orig	2012-05-23 17:45:55.088757411 +0200
-+++ rsyslog-5.8.11/runtime/nsd_gtls.c	2012-05-23 17:46:34.949256350 +0200
-@@ -257,8 +257,8 @@ gtlsClientCertCallback(gnutls_session se
- static rsRetVal
- gtlsGetCertInfo(nsd_gtls_t *pThis, cstr_t **ppStr)
- {
--	char dn[128];
--	uchar lnBuf[256];
-+	char dn[256];
-+	uchar lnBuf[512];
- 	size_t size;
- 	unsigned int algo, bits;
- 	time_t expiration_time, activation_time;
diff --git a/rsyslog-7.3.10-correct-def-val.patch b/rsyslog-7.3.10-correct-def-val.patch
new file mode 100644
index 0000000..696a827
--- /dev/null
+++ b/rsyslog-7.3.10-correct-def-val.patch
@@ -0,0 +1,25 @@
+From a113af1cd151a8df1ebffdf8856b2150747b7553 Mon Sep 17 00:00:00 2001
+From: Tomas Heinrich <theinric@redhat.com>
+Date: Fri, 12 Apr 2013 14:20:56 +0200
+Subject: [PATCH 2/2] bugfix: set correct default value
+
+---
+ plugins/imuxsock/imuxsock.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/imuxsock/imuxsock.c b/plugins/imuxsock/imuxsock.c
+index 9553747..c503852 100644
+--- a/plugins/imuxsock/imuxsock.c
++++ b/plugins/imuxsock/imuxsock.c
+@@ -290,7 +290,7 @@ createInstance(instanceConf_t **pinst)
+ 	inst->sockName = NULL;
+ 	inst->pLogHostName = NULL;
+ 	inst->ratelimitInterval = DFLT_ratelimitInterval;
+-	inst->ratelimitBurst = DFLT_ratelimitSeverity;
++	inst->ratelimitBurst = DFLT_ratelimitBurst;
+ 	inst->ratelimitSeverity = DFLT_ratelimitSeverity;
+ 	inst->bUseFlowCtl = 0;
+ 	inst->bIgnoreTimestamp = 1;
+-- 
+1.7.10.4
+
diff --git a/rsyslog-7.3.10-ratelimit-segv.patch b/rsyslog-7.3.10-ratelimit-segv.patch
new file mode 100644
index 0000000..f4b1721
--- /dev/null
+++ b/rsyslog-7.3.10-ratelimit-segv.patch
@@ -0,0 +1,117 @@
+From 7e5ec859c8d6b972c4fafa873b22c30b927ec15f Mon Sep 17 00:00:00 2001
+From: Tomas Heinrich <theinric@redhat.com>
+Date: Fri, 12 Apr 2013 10:09:33 +0200
+Subject: [PATCH] bugfix: prevent a segfault if ratelimit condition is not met
+
+Move the severity-check logic inside the ratelimiter and add a new
+function ratelimitSetSeverity() to manipulate the treshold.
+Currently only utilized by the imuxsock module.
+---
+ plugins/imuxsock/imuxsock.c |    9 +++++----
+ runtime/ratelimit.c         |   14 +++++++++++++-
+ runtime/ratelimit.h         |    2 ++
+ 3 files changed, 20 insertions(+), 5 deletions(-)
+
+diff --git a/plugins/imuxsock/imuxsock.c b/plugins/imuxsock/imuxsock.c
+index 0f4ded1..9553747 100644
+--- a/plugins/imuxsock/imuxsock.c
++++ b/plugins/imuxsock/imuxsock.c
+@@ -412,6 +412,8 @@ addListner(instanceConf_t *inst)
+ 		ratelimitSetLinuxLike(listeners[nfd].dflt_ratelimiter,
+ 				      listeners[nfd].ratelimitInterval,
+ 				      listeners[nfd].ratelimitBurst);
++		ratelimitSetSeverity(listeners[nfd].dflt_ratelimiter,
++				     listeners[nfd].ratelimitSev);
+ 		nfd++;
+ 	} else {
+ 		errmsg.LogError(0, NO_ERRCODE, "Out of unix socket name descriptors, ignoring %s\n",
+@@ -586,6 +588,7 @@ findRatelimiter(lstn_t *pLstn, struct ucred *cred, ratelimit_t **prl)
+ 		pidbuf[sizeof(pidbuf)-1] = '\0'; /* to be on safe side */
+ 		CHKiRet(ratelimitNew(&rl, "imuxsock", pidbuf));
+ 		ratelimitSetLinuxLike(rl, pLstn->ratelimitInterval, pLstn->ratelimitBurst);
++		ratelimitSetSeverity(rl, pLstn->ratelimitSev);
+ 		CHKmalloc(keybuf = malloc(sizeof(pid_t)));
+ 		*keybuf = cred->pid;
+ 		r = hashtable_insert(pLstn->ht, keybuf, rl);
+@@ -775,10 +778,7 @@ SubmitMsg(uchar *pRcv, int lenRcv, lstn_t *pLstn, struct ucred *cred, struct tim
+ 	facil = LOG_FAC(pri);
+ 	sever = LOG_PRI(pri);
+ 
+-	if(sever >= pLstn->ratelimitSev) {
+-		/* note: if cred == NULL, then ratelimiter == NULL as well! */
+-		findRatelimiter(pLstn, cred, &ratelimiter); /* ignore error, better so than others... */
+-	}
++	findRatelimiter(pLstn, cred, &ratelimiter); /* ignore error, better so than others... */
+ 
+ 	if(ts == NULL) {
+ 		datetime.getCurrTime(&st, &tt);
+@@ -1075,6 +1075,7 @@ activateListeners()
+ 		ratelimitSetLinuxLike(listeners[0].dflt_ratelimiter,
+ 		listeners[0].ratelimitInterval,
+ 		listeners[0].ratelimitBurst);
++	ratelimitSetSeverity(listeners[0].dflt_ratelimiter,listeners[0].ratelimitSev);
+ 
+ 	sd_fds = sd_listen_fds(0);
+ 	if(sd_fds < 0) {
+diff --git a/runtime/ratelimit.c b/runtime/ratelimit.c
+index 4b618fb..d83da2d 100644
+--- a/runtime/ratelimit.c
++++ b/runtime/ratelimit.c
+@@ -202,7 +202,9 @@ ratelimitMsg(ratelimit_t *ratelimit, msg_t *pMsg, msg_t **ppRepMsg)
+ 	DEFiRet;
+ 
+ 	*ppRepMsg = NULL;
+-	if(ratelimit->interval) {
++	/* Only the messages having severity level at or below the
++	 * treshold (the value is >=) are subject to ratelimiting. */
++	if(ratelimit->interval && (pMsg->iSeverity >= ratelimit->severity)) {
+ 		if(withinRatelimit(ratelimit, pMsg->ttGenTime) == 0) {
+ 			msgDestruct(&pMsg);
+ 			ABORT_FINALIZE(RS_RET_DISCARDMSG);
+@@ -284,6 +286,7 @@ ratelimitNew(ratelimit_t **ppThis, char *modname, char *dynname)
+ 		namebuf[sizeof(namebuf)-1] = '\0'; /* to be on safe side */
+ 		pThis->name = strdup(namebuf);
+ 	}
++	/* pThis->severity == 0 - all messages are ratelimited */
+ 	pThis->bReduceRepeatMsgs = loadConf->globals.bReduceRepeatMsgs;
+ 	*ppThis = pThis;
+ finalize_it:
+@@ -316,6 +319,15 @@ ratelimitSetThreadSafe(ratelimit_t *ratelimit)
+ 	pthread_mutex_init(&ratelimit->mut, NULL);
+ }
+ 
++/* Severity level determines which messages are subject to
++ * ratelimiting. Default (no value set) is all messages.
++ */
++void
++ratelimitSetSeverity(ratelimit_t *ratelimit, intTiny severity)
++{
++	ratelimit->severity = severity;
++}
++
+ void
+ ratelimitDestruct(ratelimit_t *ratelimit)
+ {
+diff --git a/runtime/ratelimit.h b/runtime/ratelimit.h
+index 820817b..a058b06 100644
+--- a/runtime/ratelimit.h
++++ b/runtime/ratelimit.h
+@@ -26,6 +26,7 @@ struct ratelimit_s {
+ 	/* support for Linux kernel-type ratelimiting */
+ 	unsigned short interval;
+ 	unsigned short burst;
++	intTiny severity; /**< ratelimit only equal or lower severity levels (eq or higher values) */
+ 	unsigned done;
+ 	unsigned missed;
+ 	time_t begin;
+@@ -41,6 +42,7 @@ struct ratelimit_s {
+ rsRetVal ratelimitNew(ratelimit_t **ppThis, char *modname, char *dynname);
+ void ratelimitSetThreadSafe(ratelimit_t *ratelimit);
+ void ratelimitSetLinuxLike(ratelimit_t *ratelimit, unsigned short interval, unsigned short burst);
++void ratelimitSetSeverity(ratelimit_t *ratelimit, intTiny severity);
+ rsRetVal ratelimitMsg(ratelimit_t *ratelimit, msg_t *pMsg, msg_t **ppRep);
+ rsRetVal ratelimitAddMsg(ratelimit_t *ratelimit, multi_submit_t *pMultiSub, msg_t *pMsg);
+ void ratelimitDestruct(ratelimit_t *pThis);
+-- 
+1.7.10.4
+
diff --git a/rsyslog.spec b/rsyslog.spec
index 02acd7e..7803de2 100644
--- a/rsyslog.spec
+++ b/rsyslog.spec
@@ -12,7 +12,7 @@
 
 Summary: Enhanced system logging and kernel message trapping daemon
 Name: rsyslog
-Version: 7.3.9
+Version: 7.3.10
 Release: 1%{?dist}
 License: (GPLv3+ and ASL 2.0)
 Group: System Environment/Daemons
@@ -26,7 +26,10 @@ Patch0: rsyslog-7.2.2-systemd.patch
 Patch1: rsyslog-7.2.2-manpage-dbg-mode.patch
 # prevent modification of trusted properties (proposed upstream)
 Patch2: rsyslog-7.2.1-msg_c_nonoverwrite_merge.patch
-Patch5: rsyslog-5.8.11-enlarge-cert-info-bufs.patch
+# #950088, interim, merged upstream
+Patch3: rsyslog-7.3.10-ratelimit-segv.patch
+# interim, merged upstream
+Patch4: rsyslog-7.3.10-correct-def-val.patch
 
 BuildRequires: bison
 BuildRequires: flex
@@ -222,7 +225,8 @@ of source ports.
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
-%patch5 -p1
+%patch3 -p1
+%patch4 -p1
 
 %build
 %ifarch sparc64
@@ -426,6 +430,14 @@ done
 %{_libdir}/rsyslog/omudpspoof.so
 
 %changelog
+* Wed Apr 14 2013 Tomas Heinrich <theinric@redhat.com> 7.3.10-1
+- rebase to 7.3.10
+- add a patch to resolve #950088 - ratelimiter segfault, merged upstream
+  rsyslog-7.3.10-ratelimit-segv.patch
+- add a patch to correct a default value, merged upstream
+  rsyslog-7.3.10-correct-def-val.patch
+- drop patch 5 - fixed upstream
+
 * Thu Apr 04 2013 Tomas Heinrich <theinric@redhat.com> 7.3.9-1
 - rebase to 7.3.9
 
diff --git a/sources b/sources
index a9bbae1..8a9af57 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-19bef962ed87b7f45eb116bd0d7375f7  rsyslog-7.3.9.tar.gz
+003721da25a454022e35b358689634f4  rsyslog-7.3.10.tar.gz