diff --git a/SOURCES/sudo-1.9.7-sigchild.patch b/SOURCES/sudo-1.9.7-sigchild.patch
new file mode 100644
index 0000000..94fcc94
--- /dev/null
+++ b/SOURCES/sudo-1.9.7-sigchild.patch
@@ -0,0 +1,35 @@
+From 727056e0c9519d8eecde801e950b35f2f69c72e2 Mon Sep 17 00:00:00 2001
+From: "Todd C. Miller" <Todd.Miller@sudo.ws>
+Date: Fri, 23 Apr 2021 07:41:27 -0600
+Subject: [PATCH] Make sure SIGCHLD is not ignored when sudo is executed. If
+ SIGCHLD is ignored there is a race condition between when the process is
+ executed and when the SIGCHLD handler is installed. This fixes the bug
+ described by GitHub PR #98
+
+---
+ src/signal.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/src/signal.c b/src/signal.c
+index 7f90d707b..866b64790 100644
+--- a/src/signal.c
++++ b/src/signal.c
+@@ -133,6 +133,18 @@ init_signals(void)
+ 	    case SIGTTOU:
+ 		/* Don't install these until exec time. */
+ 		break;
++	    case SIGCHLD:
++		/* Sudo needs to be able to catch SIGCHLD. */
++		if (ss->sa.sa_handler == SIG_IGN) {
++		    sudo_debug_printf(SUDO_DEBUG_INFO,
++			"will restore signal %d on exec", SIGCHLD);
++		    ss->restore = true;
++		}
++		if (sigaction(SIGCHLD, &sa, NULL) != 0) {
++		    sudo_warn(U_("unable to set handler for signal %d"),
++			SIGCHLD);
++		}
++		break;
+ 	    default:
+ 		if (ss->sa.sa_handler != SIG_IGN) {
+ 		    if (sigaction(ss->signo, &sa, NULL) != 0) {
diff --git a/SPECS/sudo.spec b/SPECS/sudo.spec
index 6b5bddc..cb5fb80 100644
--- a/SPECS/sudo.spec
+++ b/SPECS/sudo.spec
@@ -1,7 +1,7 @@
 Summary: Allows restricted root access for specified users
 Name: sudo
 Version: 1.8.29
-Release: 7%{?dist}
+Release: 7%{?dist}.1
 License: ISC
 Group: Applications/System
 URL: https://www.sudo.ws/
@@ -67,6 +67,9 @@ Patch16: sudo-1.9.5-CVE-2021-23240-3.patch
 Patch17: sudo-1.9.5-CVE-2021-23240-4.patch
 Patch18: sudo-1.9.5-CVE-2021-23240-5.patch
 
+# 2015136 - Request to backport https://www.sudo.ws/repos/sudo/rev/b4c91a0f72e7 to RHEL 8 [rhel-8.4.0.z]
+Patch19: sudo-1.9.7-sigchild.patch
+
 %description
 Sudo (superuser do) allows a system administrator to give certain
 users (or groups of users) the ability to run some (or all) commands
@@ -113,6 +116,9 @@ plugins that use %{name}.
 %patch17 -p1 -b .symbolic-link-attack-4
 %patch18 -p1 -b .symbolic-link-attack-5
 
+%patch19 -p1 -b .sigchild
+
+
 %build
 # Remove bundled copy of zlib
 rm -rf zlib/
@@ -271,6 +277,11 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/sudo_plugin.8*
 
 %changelog
+* Tue Oct 19 2021 RAdovan Sroka <rsroka@redhat.com> - 1.8.29-7.1
+RHEL 8.4.0 ZSTREAM ERRATUM
+- Make sure SIGCHLD is not ignored when sudo is executed
+Resolves: rhbz#2015136
+
 * Tue Feb 02 2021 Radovan Sroka <rsroka@redhat.com> - 1.8.29-7
 - RHEL 8.4 ERRATUM
 - CVE-2021-3156