diff --git a/openldap.spec b/openldap.spec
index 327aee9..27ef48f 100644
--- a/openldap.spec
+++ b/openldap.spec
@@ -1,12 +1,15 @@
 # TODO: add make test after build
 
+# TODO: hardening using RPM macros - instead of -Wl,-z,relro in LDFLAGS
+#%global _hardened_build 1
+
 %define evolution_connector_prefix %{_libdir}/evolution-openldap
 %define evolution_connector_includedir %{evolution_connector_prefix}/include
 %define evolution_connector_libdir %{evolution_connector_prefix}/%{_lib}
 
 Name: openldap
 Version: 2.4.26
-Release: 1%{?dist}.1
+Release: 2%{?dist}
 Summary: LDAP support libraries
 Group: System Environment/Daemons
 License: OpenLDAP
@@ -164,6 +167,7 @@ export CPPFLAGS="-I%_includedir/nss3 -I%_includedir/nspr4"
 export CFLAGS="$RPM_OPT_FLAGS $CPPFLAGS -fPIC -D_REENTRANT -DLDAP_CONNECTIONLESS -D_GNU_SOURCE -DHAVE_TLS -DHAVE_MOZNSS -DSLAPD_LMHASH"
 export NSS_LIBS="-lssl3 -lsmime3 -lnss3 -lnssutil3 -lplds4 -lplc4 -lnspr4"
 export LIBS=""
+export LDFLAGS="$LDFLAGS -Wl,-z,relro"
 
 build() {
 
@@ -649,6 +653,9 @@ exit 0
 %attr(0644,root,root)      %{evolution_connector_libdir}/*.a
 
 %changelog
+* Wed Aug 24 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-2
+- security hardening: library needs partial RELRO support added (#733071)
+
 * Sun Aug 14 2011 Rex Dieter <rdieter@fedoraproject.org> - 2.4.26-1.1
 - Rebuilt for rpm (#728707)