diff --git a/openssh.spec b/openssh.spec
index 1ec8dc5..d6c4f46 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -66,7 +66,7 @@
 
 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
 %global openssh_ver 7.2p2
-%global openssh_rel 10
+%global openssh_rel 11
 %global pam_ssh_agent_ver 0.10.2
 %global pam_ssh_agent_rel 3
 
@@ -840,6 +840,9 @@ getent passwd sshd >/dev/null || \
 %endif
 
 %changelog
+* Tue Jul 26 2016 Jakub Jelen <jjelen@redhat.com> - 7.2p2-11 + 0.10.2-3
+- Prevent guest_t from running sudo (#1357860)
+
 * Mon Jul 18 2016 Jakub Jelen <jjelen@redhat.com> - 7.2p2-10 + 0.10.2-3
 - CVE-2016-6210: User enumeration via covert timing channel (#1357443)
 - Expose more information about authentication to PAM