diff --git a/conntrack-tools-1.4.4-free-pktb-after-use.patch b/conntrack-tools-1.4.4-free-pktb-after-use.patch
new file mode 100644
index 0000000..c43f23f
--- /dev/null
+++ b/conntrack-tools-1.4.4-free-pktb-after-use.patch
@@ -0,0 +1,29 @@
+From 832166dc4780e259424ebab07b42ecf42cde6fe3 Mon Sep 17 00:00:00 2001
+From: Kevin Cernekee <cernekee@chromium.org>
+Date: Fri, 27 Jan 2017 12:38:46 -0800
+Subject: conntrackd: cthelper: Free pktb after use
+
+According to valgrind, this currently leaks ~512B to 2kB for each
+packet sent to the userspace helper.
+
+Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+---
+ src/cthelper.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/cthelper.c b/src/cthelper.c
+index 54eb830..f01c509 100644
+--- a/src/cthelper.c
++++ b/src/cthelper.c
+@@ -325,6 +325,7 @@ static int nfq_queue_cb(const struct nlmsghdr *nlh, void *data)
+ 	if (pkt_verdict_issue(helper, myct, queue_num, id, verdict, pktb) < 0)
+ 		goto err4;
+ 
++	pktb_free(pktb);
+ 	nfct_destroy(ct);
+ 	if (myct->exp != NULL)
+ 		nfexp_destroy(myct->exp);
+-- 
+cgit v0.12
+
diff --git a/conntrack-tools-1.4.4-nat_tuple-leak.patch b/conntrack-tools-1.4.4-nat_tuple-leak.patch
new file mode 100644
index 0000000..802bd91
--- /dev/null
+++ b/conntrack-tools-1.4.4-nat_tuple-leak.patch
@@ -0,0 +1,57 @@
+From 1ba5e76a368aeb9fe17d3b691df4faa0dadc4523 Mon Sep 17 00:00:00 2001
+From: Kevin Cernekee <cernekee@chromium.org>
+Date: Thu, 26 Jan 2017 16:44:24 -0800
+Subject: conntrackd: cthelper: Don't leak nat_tuple
+
+nfexp_set_attr() copies |nat_tuple| rather than taking ownership, so
+it should be freed at the end of the loop.  Some of the other helpers
+(like rpc.c) do this, but it is missing here.
+
+Reported-by: Eric Caruso <ejcaruso@chromium.org>
+Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+---
+ src/helpers/amanda.c | 1 +
+ src/helpers/ftp.c    | 1 +
+ src/helpers/tftp.c   | 1 +
+ 3 files changed, 3 insertions(+)
+
+diff --git a/src/helpers/amanda.c b/src/helpers/amanda.c
+index 9e6c4e7..faee1cd 100644
+--- a/src/helpers/amanda.c
++++ b/src/helpers/amanda.c
+@@ -75,6 +75,7 @@ static int nat_amanda(struct pkt_buff *pkt, uint32_t ctinfo,
+ 			break;
+ 		}
+ 	}
++	nfct_destroy(nat_tuple);
+ 
+ 	if (port == 0) {
+ 		pr_debug("all ports in use\n");
+diff --git a/src/helpers/ftp.c b/src/helpers/ftp.c
+index 27ab5eb..c3aa284 100644
+--- a/src/helpers/ftp.c
++++ b/src/helpers/ftp.c
+@@ -423,6 +423,7 @@ static unsigned int nf_nat_ftp(struct pkt_buff *pkt,
+ 			break;
+ 		}
+ 	}
++	nfct_destroy(nat_tuple);
+ 
+ 	if (port == 0)
+ 		return NF_DROP;
+diff --git a/src/helpers/tftp.c b/src/helpers/tftp.c
+index 45591c6..70dd28a 100644
+--- a/src/helpers/tftp.c
++++ b/src/helpers/tftp.c
+@@ -65,6 +65,7 @@ static unsigned int nat_tftp(struct pkt_buff *pkt, uint32_t ctinfo,
+ 	nfexp_set_attr_u32(exp, ATTR_EXP_NAT_DIR, MYCT_DIR_REPL);
+ 	nfexp_set_attr(exp, ATTR_EXP_FN, "nat-follow-master");
+ 	nfexp_set_attr(exp, ATTR_EXP_NAT_TUPLE, nat_tuple);
++	nfct_destroy(nat_tuple);
+ 
+ 	return NF_ACCEPT;
+ }
+-- 
+cgit v0.12
+