diff --git a/sudo-1.7.2p4-getgrouplist.patch b/sudo-1.7.2p4-getgrouplist.patch
new file mode 100644
index 0000000..454b35b
--- /dev/null
+++ b/sudo-1.7.2p4-getgrouplist.patch
@@ -0,0 +1,40 @@
+diff -up sudo-1.7.2p4/check.c.getgrouplist sudo-1.7.2p4/check.c
+--- sudo-1.7.2p4/check.c.getgrouplist	2009-05-25 14:02:41.000000000 +0200
++++ sudo-1.7.2p4/check.c	2010-03-01 11:27:38.000000000 +0100
+@@ -353,6 +353,24 @@ user_is_exempt()
+ 	    return(TRUE);
+     }
+ 
++#ifdef HAVE_GETGROUPLIST
++    {
++	gid_t *grouplist, grouptmp;
++	int n_groups, i;
++	n_groups = 1;
++	if (getgrouplist(user_name, user_gid, &grouptmp, &n_groups) == -1) {
++	    grouplist = (gid_t *) emalloc(sizeof(gid_t) * (n_groups + 1));
++	    if (getgrouplist(user_name, user_gid, grouplist, &n_groups) > 0)
++		for (i = 0; i < n_groups; i++)
++		    if (grouplist[i] == grp->gr_gid) {
++			free(grouplist);
++			return(TRUE);
++		    }
++	    free(grouplist);
++	}
++    }
++#endif
++
+     return(FALSE);
+ }
+ 
+diff -up sudo-1.7.2p4/configure.in.getgrouplist sudo-1.7.2p4/configure.in
+--- sudo-1.7.2p4/configure.in.getgrouplist	2010-03-01 11:27:38.000000000 +0100
++++ sudo-1.7.2p4/configure.in	2010-03-01 11:29:45.000000000 +0100
+@@ -1852,7 +1852,7 @@ dnl
+ AC_FUNC_GETGROUPS
+ AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \
+ 	       strftime setrlimit initgroups getgroups fstat gettimeofday \
+-	       setlocale getaddrinfo setsid setenv setrlimit64)
++	       setlocale getaddrinfo setsid setenv setrlimit64 getgrouplist)
+ AC_CHECK_FUNCS(unsetenv, SUDO_FUNC_UNSETENV_VOID)
+ SUDO_FUNC_PUTENV_CONST
+ if test -z "$SKIP_SETRESUID"; then
diff --git a/sudo.spec b/sudo.spec
index f5efbd6..feefc97 100644
--- a/sudo.spec
+++ b/sudo.spec
@@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
-Version: 1.7.2p2
-Release: 5%{?dist}
+Version: 1.7.2p5
+Release: 1%{?dist}
 License: BSD
 Group: Applications/System
 URL: http://www.courtesan.com/sudo/
@@ -28,15 +28,11 @@ Patch2: sudo-1.7.2p1-login.patch
 Patch3: sudo-1.7.2p1-envdebug.patch
 Patch4: sudo-1.7.1-libtool.patch
 # getgrouplist() to determine group membership (#235915)
-Patch5: sudo-1.7.1-getgrouplist.patch
+Patch5: sudo-1.7.2p4-getgrouplist.patch
 # audit support improvement
 Patch6: sudo-1.7.2p1-audit.patch
-# segfault when #include directive is used in cycles (#561336)
-Patch7: sudo-1.7.2p2-loopsegv3.patch
 # audit related Makefile.in and configure.in corrections
-Patch8: sudo-1.7.2p2-libaudit.patch
-# no valid sudoers sources found (#558875)
-Patch9: sudo-1.7.2p2-emptyincldir.patch
+Patch7: sudo-1.7.2p2-libaudit.patch
 
 %description
 Sudo (superuser do) allows a system administrator to give certain
@@ -57,9 +53,7 @@ on many different machines.
 %patch4 -p1 -b .libtool
 %patch5 -p1 -b .getgrouplist
 %patch6 -p1 -b .audit
-%patch7 -p1 -b .loopsegv3
-%patch8 -p1 -b .libaudit
-%patch9 -p1 -b .emptyincldir
+%patch7 -p1 -b .libaudit
 
 %build
 # handle newer autoconf
@@ -150,6 +144,9 @@ rm -rf $RPM_BUILD_ROOT
 /bin/chmod 0440 /etc/sudoers || :
 
 %changelog
+* Mon Mar  1 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p5-1
+- update to new upstream version
+
 * Tue Feb 16 2010 Daniel Kopecek <dkopecek@redhat.com> - 1.7.2p2-5
 - fixed no valid sudoers sources found (#558875)