diff --git a/sudo-1.8.14p3.tar.gz b/sudo-1.8.14p3.tar.gz
deleted file mode 100644
index f39fd4b..0000000
--- a/sudo-1.8.14p3.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a8a697cbb113859058944850d098464618254804cf97961dee926429f00a1237
-size 2570892
diff --git a/sudo-1.8.15.tar.gz b/sudo-1.8.15.tar.gz
new file mode 100644
index 0000000..01dc02e
--- /dev/null
+++ b/sudo-1.8.15.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4316381708324da8b6cb151f655c1a11855207c7c02244d8ffdea5104d7cc308
+size 2660128
diff --git a/sudo.changes b/sudo.changes
index 3a7ef46..a3d0d71 100644
--- a/sudo.changes
+++ b/sudo.changes
@@ -1,3 +1,75 @@
+-------------------------------------------------------------------
+Fri Nov  6 11:55:17 UTC 2015 - kstreitova@suse.com
+
+- update to 1.8.15:
+  * Fixed a bug that prevented sudo from building outside the source 
+    tree on some platforms. Bug #708.
+  * Fixed the location of the sssd library in the RHEL/Centos packages.
+    Bug #710.
+  * Fixed a build problem on systems that don't implicitly include
+    sys/types.h from other header files. Bug #711.
+  * Fixed a problem on Linux using containers where sudo would ignore
+    signals sent by a process in a different container.
+  * Sudo now refuses to run a command if the PAM session module returns
+    an error.
+  * When editing files with sudoedit, symbolic links will no longer be
+    followed by default. The old behavior can be restored by enabling
+    the sudoedit_follow option in sudoers or on a per-command basis with
+    the FOLLOW and NOFOLLOW tags. Bug #707.
+  * Fixed a bug introduced in version 1.8.14 that caused the last valid
+    editor in the sudoers "editor" list to be used by visudo and sudoedit
+    instead of the first. Bug #714.
+  * Fixed a bug in visudo that prevented the addition of a final newline
+    to edited files without one.
+  * Fixed a bug decoding certain base64 digests in sudoers when the
+    intermediate format included a '=' character.
+  * Individual records are now locked in the time stamp file instead of
+    the entire file. This allows sudo to avoid prompting for a password
+    multiple times on the same terminal when used in a pipeline.
+    In other words, sudo cat foo | sudo grep bar now only prompts for
+    the password once. Previously, both sudo processes would prompt for
+    a password, often making it impossible to enter. Bug #705.
+  * Fixed a bug where sudo would fail to run commands as a non-root user
+    on systems that lack both setresuid() and setreuid(). Bug #713.
+  * Fixed a bug introduced in sudo 1.8.14 that prevented visudo from
+    re-editing the correct file when a syntax error was detected.
+  * Fixed a bug where sudo would not relay a SIGHUP signal to the command
+    when the terminal is closed and the command is not run in its own
+    pseudo-tty. Bug #719.
+  * If some, but not all, of the LOGNAME, USER or USERNAME environment
+    variables have been preserved from the invoking user's environment,
+    sudo will now use the preserved value to set the remaining variables
+    instead of using the runas user. This ensures that if, for example,
+    only LOGNAME is present in the env_keep list, that sudo will not set
+    USER and USERNAME to the runas user.
+  * When the command sudo is running dies due to a signal, sudo will now
+    send itself that same signal with the default signal handler installed
+    instead of exiting. The bash shell appears to ignore some signals,
+    e.g. SIGINT, unless the command being run is killed by that signal.
+    This makes the behavior of commands run under sudo the same as
+    without sudo when bash is the shell. Bug #722.
+  * Slovak translation for sudo from translationproject.org.
+  * Hungarian and Slovak translations for sudoers from
+    translationproject.org.
+  * Previously, when env_reset was enabled (the default) and the
+    -s option was not used, the SHELL environment variable was set to the
+    shell of the invoking user. Now, when env_reset is enabled and the
+    -s option is not used, SHELL is set based on the target user.
+  * Fixed challenge/response style BSD authentication.
+  * Added the sudoedit_checkdir Defaults option to prevent sudoedit from
+    editing files located in a directory that is writable by the
+    invoking user.
+  * Added the always_query_group_plugin Defaults option to control
+    whether groups not found in the system group database are passed to
+    the group plugin. Previously, unknown system groups were always
+    passed to the group plugin.
+  * When creating a new file, sudoedit will now check that the file's
+    parent directory exists before running the editor.
+  * Fixed the compiler stack protector test in configure for compilers
+    that support -fstack-protector but don't actually have the ssp
+    library available.
+- use spec-cleaner
+
 -------------------------------------------------------------------
 Wed Aug 12 18:29:20 UTC 2015 - jengelh@inai.de
 
diff --git a/sudo.spec b/sudo.spec
index b49d116..33470c6 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -17,7 +17,7 @@
 
 
 Name:           sudo
-Version:        1.8.14p3
+Version:        1.8.15
 Release:        0
 Summary:        Execute some commands as root
 License:        ISC
@@ -44,7 +44,7 @@ BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
 Sudo is a command that allows users to execute some commands as root.
-The /etc/sudoers file (edited with 'visudo') specifies which users have
+The %{_sysconfdir}/sudoers file (edited with 'visudo') specifies which users have
 access to sudo and which commands they can run. Sudo logs all its
 activities to syslogd, so the system administrator can keep an eye on
 things. Sudo asks for the password for initializing a check period of a
@@ -69,11 +69,11 @@ Tests for fate#313276
 
 %prep
 %setup -q
-%patch0 -p1 
+%patch0 -p1
 %patch1 -p1
 
 %build
-%ifarch s390 s390x %sparc
+%ifarch s390 s390x %{sparc}
 F_PIE=-fPIE
 %else
 F_PIE=-fpie
@@ -102,7 +102,7 @@ export LDFLAGS="-pie"
     --without-secure-path \
     --with-passprompt='%%p\x27s password:' \
     --with-rundir=%{_localstatedir}/lib/sudo \
-    --with-sssd 
+    --with-sssd
 make %{?_smp_mflags}
 
 %install
@@ -123,9 +123,9 @@ rm -f %{buildroot}%{_docdir}/%{name}/schema.OpenLDAP
 %find_lang sudoers
 cat sudoers.lang >> %{name}.lang
 # tests
-install -d -m 755 %{buildroot}/var/lib/tests/sudo
-install -m 755 %{SOURCE3} %{buildroot}/var/lib/tests/sudo
-install -m 755 %{SOURCE4} %{buildroot}/var/lib/tests/sudo
+install -d -m 755 %{buildroot}%{_localstatedir}/lib/tests/sudo
+install -m 755 %{SOURCE3} %{buildroot}%{_localstatedir}/lib/tests/sudo
+install -m 755 %{SOURCE4} %{buildroot}%{_localstatedir}/lib/tests/sudo
 install -d %{buildroot}%{_docdir}/%{name}-test
 install -m 644 %{buildroot}%{_docdir}/%{name}/LICENSE %{buildroot}%{_docdir}/%{name}-test/LICENSE
 
@@ -134,23 +134,23 @@ chmod 0440 %{_sysconfdir}/sudoers
 %if 0%{?suse_version} <= 1130
 %run_permissions
 %else
-%set_permissions /usr/bin/sudo
+%set_permissions %{_bindir}/sudo
 %endif
 %tmpfiles_create %{_tmpfilesdir}/sudo.conf
 
 %verifyscript
-%verify_permissions -e /usr/bin/sudo
+%verify_permissions -e %{_bindir}/sudo
 
 %files -f %{name}.lang
 %defattr(-,root,root)
 %doc %{_docdir}/%{name}
-%doc %{_mandir}/man5/sudoers.5*
-%doc %{_mandir}/man5/sudo.conf.5*
-%doc %{_mandir}/man5/sudoers.ldap.5*
-%doc %{_mandir}/man8/sudo.8*
-%doc %{_mandir}/man8/sudoedit.8*
-%doc %{_mandir}/man8/sudoreplay.8*
-%doc %{_mandir}/man8/visudo.8*
+%{_mandir}/man5/sudoers.5*
+%{_mandir}/man5/sudo.conf.5*
+%{_mandir}/man5/sudoers.ldap.5*
+%{_mandir}/man8/sudo.8*
+%{_mandir}/man8/sudoedit.8*
+%{_mandir}/man8/sudoreplay.8*
+%{_mandir}/man8/visudo.8*
 
 %config(noreplace) %attr(0440,root,root) %{_sysconfdir}/sudoers
 %dir %{_sysconfdir}/sudoers.d
@@ -184,7 +184,7 @@ chmod 0440 %{_sysconfdir}/sudoers
 
 %files test
 %defattr(-,root, root)
-/var/lib/tests
+%{_localstatedir}/lib/tests
 %{_docdir}/%{name}-test/
 
 %changelog