diff --git a/.cvsignore b/.cvsignore
index e7049a9..9c1dcc7 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -81,3 +81,4 @@ audit-1.6.tar.gz
 audit-1.6.1.tar.gz
 audit-1.6.2.tar.gz
 audit-1.6.4.tar.gz
+audit-1.6.5.tar.gz
diff --git a/audit-1.6.5-perm.patch b/audit-1.6.5-perm.patch
deleted file mode 100644
index e03b92c..0000000
--- a/audit-1.6.5-perm.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff -urp audit-1.6.5.orig/src/auditd-config.c audit-1.6.5/src/auditd-config.c
---- audit-1.6.5.orig/src/auditd-config.c	2007-12-30 17:01:29.000000000 -0500
-+++ audit-1.6.5/src/auditd-config.c	2007-12-30 17:07:45.000000000 -0500
-@@ -505,9 +505,9 @@ static int log_file_parser(struct nv_pai
- 		audit_msg(LOG_ERR, "%s is not owned by root", nv->value);
- 		return 1;
- 	}
--	if ((buf.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != 
--			  (S_IRUSR|S_IWUSR|S_IRGRP)) {
--		audit_msg(LOG_ERR, "%s permissions should be 0640", nv->value);
-+	if ( (buf.st_mode & (S_IXUSR|S_IWGRP|S_IXGRP|S_IRWXO)) ) {
-+		audit_msg(LOG_ERR, "%s permissions should be 0600 or 0640",
-+				nv->value);
- 		return 1;
- 	}
- 	free((void *)config->log_file);
diff --git a/audit.spec b/audit.spec
index 59a88de..d3b89a7 100644
--- a/audit.spec
+++ b/audit.spec
@@ -1,17 +1,16 @@
 %define sca_version 0.4.5
-%define sca_release 4
+%define sca_release 5
 %define selinux_variants mls strict targeted
 %define selinux_policyver %(rpm -q selinux-policy | sed -e 's,^selinux-policy-\\([^/]*\\)$,\\1,')
 
 Summary: User space tools for 2.6 kernel auditing
 Name: audit
-Version: 1.6.4
-Release: 3%{?dist}
+Version: 1.6.5
+Release: 1%{?dist}
 License: GPLv2+
 Group: System Environment/Daemons
 URL: http://people.redhat.com/sgrubb/audit/
 Source0: %{name}-%{version}.tar.gz
-Patch1: audit-1.6.5-perm.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: gettext-devel intltool libtool swig python-devel
 BuildRequires: kernel-headers >= 2.6.18
@@ -91,7 +90,6 @@ A graphical utility for editing audit configuration.
 
 %prep
 %setup -q
-%patch1 -p1
 mkdir zos-remote-policy
 cp -p audisp/plugins/zos-remote/policy/audispd-zos-remote.* zos-remote-policy
 
@@ -156,6 +154,7 @@ touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf
 
 %clean
 rm -rf $RPM_BUILD_ROOT
+rm -rf zos-remote-policy
 
 %post libs -p /sbin/ldconfig
 
@@ -241,6 +240,7 @@ fi
 %attr(644,root,root) %{_mandir}/man8/aureport.8.gz
 %attr(644,root,root) %{_mandir}/man8/ausearch.8.gz
 %attr(644,root,root) %{_mandir}/man8/autrace.8.gz
+%attr(644,root,root) %{_mandir}/man8/aulastlog.8.gz
 %attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz
 %attr(644,root,root) %{_mandir}/man5/audispd.conf.5.gz
 %attr(750,root,root) /sbin/auditctl
@@ -249,6 +249,7 @@ fi
 %attr(755,root,root) /sbin/aureport
 %attr(750,root,root) /sbin/autrace
 %attr(750,root,root) /sbin/audispd
+%attr(750,root,root) /sbin/aulastlog
 %attr(755,root,root) /etc/rc.d/init.d/auditd
 %attr(750,root,root) %{_var}/log/audit
 %attr(750,root,root) %dir /etc/audit
@@ -264,9 +265,6 @@ fi
 %files -n audispd-plugins
 %defattr(-,root,root,-)
 %attr(640,root,root) /etc/audisp/plugins.d/syslog.conf
-%attr(640,root,root) /etc/audisp/plugins.d/au-ids.conf
-%attr(640,root,root) /etc/audisp/plugins.d/remote.conf
-%attr(750,root,root) /sbin/audisp-ids
 %attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz
 %attr(644,root,root) %{_mandir}/man5/zos-remote.conf.5.gz
 %config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/audispd-zos-remote.conf
@@ -290,6 +288,13 @@ fi
 %config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server
 
 %changelog
+* Mon Jan 07 2008 Steve Grubb <sgrubb@redhat.com> 1.6.5-1
+- Fix config parser to allow either 0640 or 0600 for audit logs (#427062)
+- Check for audit log being writable by owner in auditd
+- If auditd logging was suspended, it can be resumed with SIGUSR2 (#251639)
+- Updated CAPP, LSPP, and NISPOM rules for new capabilities
+- Added aulastlog utility
+
 * Sun Dec 30 2007 Steve Grubb <sgrubb@redhat.com> 1.6.4-3
 - Allow 0600 file perms for audit logs
 
diff --git a/sources b/sources
index e3e4ece..c3a9f03 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-3845dc6b8fbca062984b4968a15c208f  audit-1.6.4.tar.gz
+53ede8c7422cb251d01d06c7a5e3027b  audit-1.6.5.tar.gz