diff --git a/sudo-1.8.21p2.tar.gz b/sudo-1.8.21p2.tar.gz
deleted file mode 100644
index 2f19b37..0000000
--- a/sudo-1.8.21p2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:74c5746cd33a814e2431c39faf0d76f7f8a697379bd073862e3b156cf0d76368
-size 2976081
diff --git a/sudo-1.8.21p2.tar.gz.sig b/sudo-1.8.21p2.tar.gz.sig
deleted file mode 100644
index 5ac3a65..0000000
Binary files a/sudo-1.8.21p2.tar.gz.sig and /dev/null differ
diff --git a/sudo-1.8.22.tar.gz b/sudo-1.8.22.tar.gz
new file mode 100644
index 0000000..3241ce8
--- /dev/null
+++ b/sudo-1.8.22.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7256cb27c20883b14360eddbd17f98922073d104b214cf65aeacf1d9c9b9fd02
+size 3029051
diff --git a/sudo-1.8.22.tar.gz.sig b/sudo-1.8.22.tar.gz.sig
new file mode 100644
index 0000000..6787059
Binary files /dev/null and b/sudo-1.8.22.tar.gz.sig differ
diff --git a/sudo.changes b/sudo.changes
index 37ea2e0..3e899ed 100644
--- a/sudo.changes
+++ b/sudo.changes
@@ -1,3 +1,74 @@
+-------------------------------------------------------------------
+Tue Feb 13 11:33:04 UTC 2018 - kstreitova@suse.com
+
+- The sudo distribution files are now signed with a new pgp key.
+  Refresh sudo.keyring
+
+-------------------------------------------------------------------
+Wed Jan 24 00:44:24 UTC 2018 - avindra@opensuse.org
+
+- Update to 1.8.22 [bsc#1080793]
+  * Commands run in the background from a script run via sudo will
+    no longer receive SIGHUP when the parent exits and I/O logging
+    is enabled
+  * A particularly offensive insult is now disabled by default
+  * The description of sudo -i now correctly documents that the
+    env_keep and env_check sudoers options are applied to the
+    environment
+  * Fixed a crash when the system's host name is not set
+  * The sudoers2ldif script now handles #include and #includedir
+    directives.
+  * Fixed a bug where sudo would silently exit when the command
+    was not allowed by sudoers and the passwd_tries sudoers option
+    was set to a value less than one.
+  * Fixed a bug with the listpw and verifypw sudoers options and
+    multiple sudoers sources. If the option is set to all a
+    password should be required unless none of a user's sudoers
+    entries from any source require authentication.
+  * Fixed a bug with the listpw and verifypw sudoers options in
+    the LDAP and SSSD back-ends. If the option is set to any and
+    the entry contained multiple rules, only the first matching
+    rule was checked. If an entry contained more than one matching
+    rule and the first rule required authentication but a
+    subsequent rule did not, sudo would prompt for a password when
+    it should not have.
+  * When running a command as the invoking user (not root), sudo
+    would execute the command with the same group vector it was
+    started with. Sudo now executes the command with a new group
+    vector based on the group database which is consistent with how
+    su(1) operates.
+  * Fixed a double free in the SSSD back-end that could occur when
+    ipa_hostname is present in sssd.conf and is set to an unqualified
+    host name.
+  * When I/O logging is enabled, sudo will now write to the terminal
+    even when it is a background process. Previously, sudo would only
+    write to the tty when it was the foreground process when I/O
+    logging was enabled. If the TOSTOP terminal flag is set, sudo
+    will suspend the command (and then itself) with the SIGTTOU signal.
+  * A new authfail_message sudoers option that overrides the default
+    N incorrect password attempt(s).
+  * An empty sudoRunAsUser attribute in the LDAP and SSSD backends
+    will now match the invoking user. This is more consistent with
+    how an empty runas user in the sudoers file is treated.
+  * Documented that in check mode, visudo does not check the owner /
+    mode on files specified with the -f flag
+  * It is now an error to specify the runas user as an empty string
+    on the command line. Previously, an empty runas user was treated
+    the same as an unspecified runas user
+  * When timestamp_type option is set to tty and a terminal is
+    present, the time stamp record will now include the start time
+    of the session leader. When the timestamp_type option is set
+    to ppid or when no terminal is available, the start time of the
+    parent process is used instead. This significantly reduces the
+    likelihood of a time stamp record being re-used when a user logs
+    out and back in again.
+  * The sudoers time stamp file format is now documented in the new
+    sudoers_timestamp manual.
+  * Visudo will now use the SUDO_EDITOR environment variable (if
+    present) in addition to VISUAL and EDITOR. 
+- rebase sudoers2ldif-env.patch
+- cleanup with spec-cleaner
+
 -------------------------------------------------------------------
 Mon Dec 11 13:38:25 UTC 2017 - kstreitova@suse.com
 
diff --git a/sudo.keyring b/sudo.keyring
index 0574dc0..daab4eb 100644
--- a/sudo.keyring
+++ b/sudo.keyring
@@ -1,3 +1,11 @@
+pub   1024D/0x5A89DFA27EE470C4 2002-10-02
+uid                 [ unknown] Todd C. Miller <Todd.Miller@courtesan.com>
+sub   1024g/0x4ACA1697D017E72F 2002-10-02
+
+pub   4096R/0xA9F4C021CEA470FB 2017-12-03
+uid                 [ unknown] Todd C. Miller <Todd.Miller@sudo.ws>
+sub   4096R/0x8BBF1A6CF4565623 2017-12-03
+
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v2
 
@@ -10,22 +18,62 @@ yrUhZDQIvrM4o1yCSgNSwUM88+qYm6ETAT0sZAiFT9biMjsT4Bw13KihyYtE2L36
 LdXOA/9MEH8zWRqUjQMt4X1yKTjwmIotAd9xetVNj+4lfTgmsnlZoex7T94Id0+B
 FDDSj4gpQ7GpFa0qOQgTyaUo5HgoPFw4F9TjebWiyey2SznIw4960KoAwfSTdSOG
 GoD96xuBsmQGCfdIFW43SJngXKiOpF/3VHoUxGYhTefOSGHAvLQqVG9kZCBDLiBN
-aWxsZXIgPFRvZGQuTWlsbGVyQGNvdXJ0ZXNhbi5jb20+iEYEEhECAAYFAkFF7YQA
-CgkQdtwsPwG+XUqQZwCgiQQQzEwrFWoU4Mlv5QHSXhJyQY0AnRxtRStEF3oK4Lje
-AyhwmN8Ii7oDiEYEExECAAYFAj6VvLYACgkQ76rb1U/0m22NvgCgiZ5+RUdokqMS
-weErY0MNJqkbIE4AnRTAxhEJ379aiG+8FSxZkt8aXUuMiFkEExECABkFAj2bdiUE
+aWxsZXIgPFRvZGQuTWlsbGVyQGNvdXJ0ZXNhbi5jb20+iFkEExECABkFAj2bdiUE
 CwcDAgMVAgMDFgIBAh4BAheAAAoJEFqJ36J+5HDEQigAoLdD+y5EQzvogb6oybhC
-pBBmefqYAKDGlnXX7JNBJYBv/r5TBg4+zLOOL4icBBABAgAGBQJRdsCIAAoJEDQB
-qWfpGXNhvlwD/1qaXdVB0F/90q/TD+K4wGSNTgxzSz7WxfeEFnaOmyKzPzZYo7PD
-Apfb68IxLGutG+LJjOiC+46smQBSFETiyM5U7YycpOFH0I908uJzMDqZm2UuVn9V
-WM/Y8oCjZbdmmECqbO+Mh+E+YHu7ojnVCXxXN+J21eVec781Q7YmRpPbuQENBD2b
-dicQBADOE3R8587Pf7ObSscn6EJbTowT1bVRZOA92SHqLMw7b2Pm2yrswM4SiIED
-x8Y1X37WepdLc9axik+qeb5jH/zMc+x6mI5Z7dRomu4F8VPwGUZLM3qn1o7WWJA6
-e/ntei5Fpvm1QVk8MzsAMcYCWu7K9mPPLCP+/oVY2hjoMuKqiwADBQQApJqntyzD
-+yQUQPSUX+WyWW+ZFrviR3+URgY8HrYLJq7/ie5yudmsE0/vBIh2kIvNDGrqX+P+
-8/lpRXyo3Zbr4NjUJkCuh21ko9Q0YcJ2in1lyyQTHp44baK9imCfTPqxyhdQniDm
-QJKyHM950bgM4scUy0SFUNbGcd22fRQUKe2IRgQYEQIABgUCPZt2JwAKCRBaid+i
-fuRwxM54AKCYI8PUizkqFGZz7uRjggt91Rfk5QCfaZ1IGT+k5sB+l0/NqwlPtDEh
-AUs=
-=j4Qf
+pBBmefqYAKDGlnXX7JNBJYBv/r5TBg4+zLOOL7kBDQQ9m3YnEAQAzhN0fOfOz3+z
+m0rHJ+hCW06ME9W1UWTgPdkh6izMO29j5tsq7MDOEoiBA8fGNV9+1nqXS3PWsYpP
+qnm+Yx/8zHPsepiOWe3UaJruBfFT8BlGSzN6p9aO1liQOnv57XouRab5tUFZPDM7
+ADHGAlruyvZjzywj/v6FWNoY6DLiqosAAwUEAKSap7csw/skFED0lF/lsllvmRa7
+4kd/lEYGPB62Cyau/4nucrnZrBNP7wSIdpCLzQxq6l/j/vP5aUV8qN2W6+DY1CZA
+rodtZKPUNGHCdop9ZcskEx6eOG2ivYpgn0z6scoXUJ4g5kCSshzPedG4DOLHFMtE
+hVDWxnHdtn0UFCntiEYEGBECAAYFAj2bdicACgkQWonfon7kcMTOeACgmCPD1Is5
+KhRmc+7kY4ILfdUX5OUAn2mdSBk/pObAfpdPzasJT7QxIQFLmQINBFokaiQBEADM
+mTjkUBpTgLLiv85lz0UGmgVj39si2Gd3RC2/qz3UmHhS0qnL4x3LejZQOifaevT3
+wIgOjU+YtyHleW2lZp0a/ndtFgXHeVJTQ12Ej5NbOHBFECWkWyXj1Rv/vBopI7Ox
+ERjAjoUQLSu6nsksclYoO0pZywm+K17os1i5Qbi0djdYjHT5Asiqnef5g02a8DJz
+QCq37VM046gFRhnp/unJoi4iexpjH/HL4tlRO7/3pDwV6MFVWDhNcrlP6AnmSzYb
+Fv8Nt4MsbWU0oYa1TtRmuqxn5R/Lb9i4Uj793qZz3I/cDqv78kd3lRJ5TbjXR1D2
+alhGVP6+0KWOKd5rpDSwYNojwKdVI6faJUOjRRSHGmZiNYFWp5UXDQUeFXmzEFWa
+XgIXbmH0SqpVkKvwhH/sn0G3ryLXnPizjM3RSmoxSzpJNTHBFGPBLd9eJ724IvF5
+Qigo8IdpPTZUv7EHmK2va97nH+AK7HDAPWTsOpM49CZXy1xz9N8Be3I8ayUgMO6a
+VuAKpQFGEpuNGq+DCvyUOyVa5jeEf50wWHXBMPlVjdZK/46aNKmg9YyGDmZn1YIG
+eAc6mhW0yM/+vvz9Wof5+RHHOBbVmAI7e7Mm7gR6xLZ0zty9FdPtEvxPnzzPIBjS
+tPxvFr3j/9maW7iJNX1c/FTqXY+VAfUy7mpvrEZrGQARAQABtCRUb2RkIEMuIE1p
+bGxlciA8VG9kZC5NaWxsZXJAc3Vkby53cz6JAk4EEwEIADgWIQRZ0enMuis3ZwT9
+01up9MAhzqRw+wUCWiRqJAIbAwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRCp
+9MAhzqRw+5TmEACtyNWwMIfo/0okILNHryc61nA96XznSsQS9u5AaRN06l6dp+1i
+x7FrSlXvCq1Oq7kajsF8Nnq9y2r7Os9ZsZSwGF1JGTt/qBT8N+Y+pEIe7igTSxv3
+UJINuY2uQvR6y7GOmvMVHvLUAR48WXhS3w4UVlBfDx4UEuLFocurDsNgqYBEv3QY
+ORUNCVMZlJg6/d8X3KpAK+Og3V13L8NjqZ546sRZub42FjJhxNh1mKLU+Q1Y+9Jm
+B3EMBBOTY+OAnwQJiLcW3l1RdA8d2wTQ3+CnwywJrcUm3yKwMGgPxs8+ywol9B2G
+5DtXYO82Flzfzb8kHQ6JRKBFVa3dz2NZt82VIIovfEl90zvBaEJVlNH/XH5qsVLY
+LHB/NZUwxxz573HSMW4YCQgZZWaZ0byjb27KYd6S7Tj/DV5uQvVmGcRQ7sAcJoKV
+G3XVlm+n5XnCWXddySOtt3XZbByIAyC5iu8LuLjCauO0sUX0L4yKnc0e4bqCglIm
+JGZuuOL5tLYOL7Bd/RWj2uC+dpPaol6VAefGDUv8GqKa+Y28FRXKVvxcQwLYLm4D
+A6hYV9f/0RjjPT/8VDk/dfytydhpaDnNu1nieAa5lx3/BPYPiuLgWg4DXpfW4IIG
+IMaEULDOfN7xOELfbTnIru89aWc+kqdzfrMPhLwxClHg2JWrjuE+BPzMXrkCDQRa
+JGokARAAxGZu+BKBt8rY8lF/7wQBfrqx2nlUTvdMlmUELT3e8Gw/z7+qArjYn+Xm
+7TTh490KMaATKFnDol0vfvlMXre4hyCC1/+B2qjEKiUCvVhwmKQFNV3pmbugTlbd
+EnHuf5sbzU32HWb2x2L4jMcrN97CQq6qx65S05uo7TS7DM7xPUCrGZKeXvlQVmJv
+0gH3symIy2ZQoLtTYyMoaDfifKLHbQfR2WSxPy7cb6mjX1jMOD8dGGazLDGohCDp
+Lhs4MbFTjwh1PBhFETBbAh5/ElNefpfT25w7RkPaMLiXmxTSQu/uugldjAsz5uQ8
+D39TueoeFymBOUH76dM1VewNzHxZTp0GpnOfvhtleKg/870tNhLphf811g1HxeNM
++W9oU5kY/dcFo71SHwuVzMSGU3QOuJmLso3epFsMfs5mDML8UT+gXZgI2gfu0VPj
+a4ashJ6Pd+OUpH7awFNLa7CoGILpBTIN1xxUCyzk1DNkscWYCgMUobdSEi/W59iC
+PlrDW5tPCfIzTA06F6WhjFKoYaM9oqBM113J9j+t4FK7gkrao9ksF6eKaohNEiGJ
+WRFJUwHf1jiHWafwZTAm1ZE9yuUksBbWrcEYdoak4CRcc1BaZWNd4PKn9IFoFSjb
+e8WAGoRLcv0sNujmN+UiQ+LesIUw3QA0YWXsN9sijUxroC/ClZMAEQEAAYkCNgQY
+AQgAIBYhBFnR6cy6KzdnBP3TW6n0wCHOpHD7BQJaJGokAhsMAAoJEKn0wCHOpHD7
+ok0QAJSNCcZAUTmQRlhncToRg6lLqwgIDx/GLYq6F/WDYn6Me2QalyUskpFX12qm
+JBlaMFHAus7bhbtyQBcEmPW9MY+HhItvRYXpKMbgEdxnMvD5uY+zDHiScRECH8gt
+Zy8Uld0HiCy2aWgwt3LtVRuLu/wt5KsLq1s9zpEHQ0P9AHnz+EWFArCHCC8FatWE
+47zZLDLOuMSLeS7HBSheloyTwezfdzbKnyD3JVwoTID0LP2Wo5FspqwYkIN93zRy
+TrlC6lmPR+TMzMsAeAh2kHpoV03z6isTO59jIqj1Nrai8fhd4DyfnRBBjkoXJTPe
+TM+MFa1gdU2B8VJfoqG7Ti780Tg83Z4/H9EEdD/pHzI8ay6xX5ABJhDnPHTPz3fK
+PaxwrfOJGyCvAr8qbCVql1Dp8b3sTAlWbG/Cqz7q3NhF298o4A1EDu5IADWKOhek
+djF/dutRHMCbvJKA0q4XiZu9YVYv7yysRPTicwvN9W5z7a5oIJLCXXtetNtoFZFo
+UDDZjmaCA6pcbFX9FZ96b9jLNa/BKvtlCTsosJHxf9XNiSx5dW9wHuojr60wvLxV
+K/N2anvjEfYuVxlfcKjOHpJuOX7xAcOAVAWnNvY/vSZCvAo2azMB5NOxu2Iz3pyq
+ARpClI6b14giASYMfWkb2Bfx2Sc44SHXcm5MxiTt51tB8i+d
+=bkRz
 -----END PGP PUBLIC KEY BLOCK-----
diff --git a/sudo.spec b/sudo.spec
index 000e1a3..327b11b 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package sudo
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 
 
 Name:           sudo
-Version:        1.8.21p2
+Version:        1.8.22
 Release:        0
 Summary:        Execute some commands as root
 License:        ISC
@@ -43,7 +43,6 @@ BuildRequires:  systemd-rpm-macros
 BuildRequires:  zlib-devel
 Requires(pre):  coreutils
 Requires(pre):  permissions
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
 Sudo is a command that allows users to execute some commands as root.
@@ -76,7 +75,7 @@ Tests for fate#313276
 %patch1 -p1
 
 %build
-%ifarch s390 s390x %sparc
+%ifarch s390 s390x %{sparc}
 F_PIE=-fPIE
 %else
 F_PIE=-fpie
@@ -102,7 +101,7 @@ export LDFLAGS="-pie"
     --with-sudoers-mode=0440 \
     --with-env-editor \
     --without-secure-path \
-    --with-passprompt="[sudo] password for %p: " \
+    --with-passprompt="[sudo] password for %{p}: " \
     --with-rundir=%{_localstatedir}/lib/sudo \
     --with-sssd
 make %{?_smp_mflags}
@@ -145,15 +144,15 @@ chmod 0440 %{_sysconfdir}/sudoers
 %verify_permissions -e %{_bindir}/sudo
 
 %files -f %{name}.lang
-%defattr(-,root,root)
 %doc %{_docdir}/%{name}
-%{_mandir}/man5/sudoers.5*
-%{_mandir}/man5/sudo.conf.5*
-%{_mandir}/man5/sudoers.ldap.5*
-%{_mandir}/man8/sudo.8*
-%{_mandir}/man8/sudoedit.8*
-%{_mandir}/man8/sudoreplay.8*
-%{_mandir}/man8/visudo.8*
+%{_mandir}/man5/sudoers.5%{ext_man}
+%{_mandir}/man5/sudo.conf.5%{ext_man}
+%{_mandir}/man5/sudoers.ldap.5%{ext_man}
+%{_mandir}/man5/sudoers_timestamp.5%{ext_man}
+%{_mandir}/man8/sudo.8%{ext_man}
+%{_mandir}/man8/sudoedit.8%{ext_man}
+%{_mandir}/man8/sudoreplay.8%{ext_man}
+%{_mandir}/man8/visudo.8%{ext_man}
 
 %config(noreplace) %attr(0440,root,root) %{_sysconfdir}/sudoers
 %dir %{_sysconfdir}/sudoers.d
@@ -179,7 +178,6 @@ chmod 0440 %{_sysconfdir}/sudoers
 %ghost %{_localstatedir}/lib/sudo/ts
 
 %files devel
-%defattr(-,root,root)
 %doc plugins/sample/sample_plugin.c
 %{_includedir}/sudo_plugin.h
 %{_mandir}/man8/sudo_plugin.8*
@@ -187,7 +185,6 @@ chmod 0440 %{_sysconfdir}/sudoers
 %{_libexecdir}/%{name}/*.la
 
 %files test
-%defattr(-,root, root)
 %{_localstatedir}/lib/tests
 %{_docdir}/%{name}-test/
 
diff --git a/sudoers2ldif-env.patch b/sudoers2ldif-env.patch
index 5ad7d25..f954425 100644
--- a/sudoers2ldif-env.patch
+++ b/sudoers2ldif-env.patch
@@ -1,10 +1,10 @@
-Index: sudo-1.8.7/plugins/sudoers/sudoers2ldif
+Index: b/plugins/sudoers/sudoers2ldif
 ===================================================================
---- sudo-1.8.7.orig/plugins/sudoers/sudoers2ldif
-+++ sudo-1.8.7/plugins/sudoers/sudoers2ldif
+--- a/plugins/sudoers/sudoers2ldif
++++ b/plugins/sudoers/sudoers2ldif
 @@ -1,4 +1,4 @@
 -#!/usr/bin/env perl
 +#!/usr/bin/perl
  #
- # Copyright (c) 2007, 2010-2011, 2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ # Copyright (c) 2007, 2010-2011, 2013 Todd C. Miller <Todd.Miller@sudo.ws>
  #