diff --git a/sudo.spec b/sudo.spec
index ddea7fd..ba7fa80 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -100,6 +100,7 @@ export CFLAGS="$RPM_OPT_FLAGS $F_PIE" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
         --with-ignore-dot \
         --with-tty-tickets \
         --with-ldap \
+        --with-ldap-conf-file="%{_sysconfdir}/sudo-ldap.conf" \
         --with-selinux \
         --with-passprompt="[sudo] password for %p: " \
 	--enable-python \
@@ -230,9 +231,17 @@ EOF
 %attr(0644,root,root) %{_libexecdir}/sudo/python_plugin.so
 
 %changelog
-* Mon Feb 08 2021 Zoltan Fridrich <zfridric@redhat.com> - 1.9.5p2-2
+* Tue Feb 09 2021 Zoltan Fridrich <zfridric@redhat.com> - 1.9.5p2-2
+- change ldap.conf to sudo-ldap.conf
+Resolves: rhbz#1908882
 - remove /usr/local/* from secure_path
 Resolves: rhbz#1908923
+- fixed CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit
+Resolves: rhbz#1916655
+- fixed CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit
+Resolves: rhbz#1917039
+- fixed CVE-2021-3156 sudo: Heap buffer overflow in argument parsing
+Resolves: rhbz#1917735
 
 * Tue Jan 26 2021 Matthew Miller <mattdm@fedoraproject.org> - 1.9.5p2-1
 - rebase to 1.9.5p2