diff --git a/.gitignore b/.gitignore
index 9a6ac43..8adc9f6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@
 /keycloak-httpd-client-install-0.4.tar.gz
 /keycloak-httpd-client-install-0.5.tar.gz
 /keycloak-httpd-client-install-0.6.tar.gz
+/keycloak-httpd-client-install-0.8.tar.gz
diff --git a/keycloak-httpd-client-install.spec b/keycloak-httpd-client-install.spec
index 013539d..fe1f2b0 100644
--- a/keycloak-httpd-client-install.spec
+++ b/keycloak-httpd-client-install.spec
@@ -6,8 +6,8 @@
 %endif
 
 Name:           %{srcname}
-Version:        0.6
-Release:        2%{?dist}
+Version:        0.8
+Release:        1%{?dist}
 Summary:        %{summary}
 
 %global git_tag RELEASE_%(r=%{version}; echo $r | tr '.' '_')
@@ -114,6 +114,11 @@ install -c -m 644 doc/keycloak-httpd-client-install.8 %{buildroot}/%{_mandir}/ma
 %endif
 
 %changelog
+* Wed Jan 10 2018 John Dennis <jdennis@redhat.com> - 0.8-1
+- Upgrade to upstream 0,8, includes:
+- CVE-2017-15112 unsafe use of -p/--admin-password on command line
+- CVE-2017-15111 unsafe /tmp log file in --log-file option in keycloak_cli.py
+
 * Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.6-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
 
diff --git a/sources b/sources
index 81eb1d6..c74e1bf 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (keycloak-httpd-client-install-0.6.tar.gz) = b76e427c7fd836ff80be9b82ffc35ce9b523db5795af17f5ec4e0b61b96c452ef4a4e759ded459607e73b0e9c9fba1cf745f26175162a309ec912f2387f2adf1
+SHA512 (keycloak-httpd-client-install-0.8.tar.gz) = 44ab5789c4b77935f2ef854249a7cf960f4539f4631a2b97d9b5693d58ceec1cc95de35612cb33d72e025e3da21ed50c48ff4ba5e75b306d1c9de0cc3e307667