diff --git a/sudo-1.7.1-auditfix.patch b/sudo-1.7.1-auditfix.patch
new file mode 100644
index 0000000..a1e8892
--- /dev/null
+++ b/sudo-1.7.1-auditfix.patch
@@ -0,0 +1,48 @@
+diff -up sudo-1.7.1/audit_help.c.auditfix sudo-1.7.1/audit_help.c
+--- sudo-1.7.1/audit_help.c.auditfix	2009-07-09 15:05:14.000000000 +0200
++++ sudo-1.7.1/audit_help.c	2009-07-09 15:04:33.000000000 +0200
+@@ -45,7 +45,7 @@
+ #include <selinux/selinux.h>
+ #endif
+ 
+-int audit_fd;
++int audit_fd = -1;
+ 
+ void audit_help_open (void)
+ {
+diff -up sudo-1.7.1/sudo.c.auditfix sudo-1.7.1/sudo.c
+--- sudo-1.7.1/sudo.c.auditfix	2009-07-09 14:35:50.000000000 +0200
++++ sudo-1.7.1/sudo.c	2009-07-09 15:02:41.000000000 +0200
+@@ -363,10 +363,6 @@ main(argc, argv, envp)
+     }
+     if (safe_cmnd == NULL)
+ 	safe_cmnd = estrdup(user_cmnd);
+-
+-#if defined(WITH_AUDIT)
+-    audit_help_open ();
+-#endif
+     
+ #ifdef HAVE_SETLOCALE
+     setlocale(LC_ALL, "");
+@@ -529,7 +525,12 @@ main(argc, argv, envp)
+ 	(void) sigaction(SIGINT, &saved_sa_int, NULL);
+ 	(void) sigaction(SIGQUIT, &saved_sa_quit, NULL);
+ 	(void) sigaction(SIGTSTP, &saved_sa_tstp, NULL);
++
++	closefrom(def_closefrom + 1);
+ 	
++#if defined(WITH_AUDIT)
++        audit_help_open ();
++#endif
+         if (access(safe_cmnd, X_OK) != 0) {
+ 		warn ("unable to execute %s", safe_cmnd);
+ #ifdef WITH_AUDIT
+@@ -545,8 +546,6 @@ main(argc, argv, envp)
+ 	sudo_endpwent();
+ 	sudo_endgrent();
+ 
+-	closefrom(def_closefrom + 1);
+-
+ #ifndef PROFILING
+ 	if (ISSET(sudo_mode, MODE_BACKGROUND) && fork() > 0) {
+ 	    syslog(LOG_AUTH|LOG_ERR, "fork");
diff --git a/sudo.spec b/sudo.spec
index 6611274..f7526b5 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
 Version: 1.7.1
-Release: 1%{?dist}
+Release: 4%{?dist}
 License: BSD
 Group: Applications/System
 URL: http://www.courtesan.com/sudo/
@@ -30,6 +30,7 @@ Patch4: sudo-1.7.1-libtool.patch
 Patch5: sudo-1.7.1-getgrouplist.patch
 Patch6: sudo-1.7.1-audit.patch
 Patch7: sudo-1.7.1-conffix.patch
+Patch8: sudo-1.7.1-auditfix.patch
 
 %description
 Sudo (superuser do) allows a system administrator to give certain
@@ -51,6 +52,7 @@ on many different machines.
 %patch5 -p1 -b .getgrouplist
 %patch6 -p1 -b .audit
 %patch7 -p1 -b .conffix
+%patch8 -p1 -b .auditfix
 
 %build
 #hande newer autoconf
@@ -137,6 +139,10 @@ rm -rf $RPM_BUILD_ROOT
 /bin/chmod 0440 /etc/sudoers || :
 
 %changelog
+* Thu Jul 09 2009 Daniel Kopecek <dkopecek@redhat.com> 1.7.1-4
+- moved the closefrom() call before audit_help_open() (sudo-1.7.1-auditfix.patch)
+- epoch number sync
+
 * Mon Jun 22 2009 Daniel Kopecek <dkopecek@redhat.com> 1.7.1-1
 - updated sudo to version 1.7.1
 - fixed small bug in configure.in (sudo-1.7.1-conffix.patch)