diff --git a/krb5.spec b/krb5.spec
index 80865ec..ae1a948 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -42,6 +42,18 @@
 %global krb5_release %{baserelease}
 %if "x%{?pre_release}" != "x"
 %global krb5_release 0.%{baserelease}.%{pre_release}
+%global krb5_pre_release -%{pre_release}
+%endif
+
+%global krb5_version_major 1
+%global krb5_version_minor 19
+# For a release without a patch number set to %%nil
+%global krb5_version_patch 2
+
+%global krb5_version_major_minor %{krb5_version_major}.%{krb5_version_minor}
+%global krb5_version %{krb5_version_major_minor}
+%if "x%{?krb5_version_patch}" != "x"
+%global krb5_version %{krb5_version_major_minor}.%{krb5_version_patch}
 %endif
 
 # Should be in form 5.0, 6.1, etc.
@@ -49,12 +61,12 @@
 
 Summary: The Kerberos network authentication system
 Name: krb5
-Version: 1.19.2
+Version: %{krb5_version}
 Release: %{krb5_release}%{?dist}
 
 # rharwood has trust path to signing key and verifies on check-in
-Source0: https://web.mit.edu/kerberos/dist/krb5/%{version}/krb5-%{version}%{?dashpre}.tar.gz
-Source1: https://web.mit.edu/kerberos/dist/krb5/%{version}/krb5-%{version}%{?dashpre}.tar.gz.asc
+Source0: https://web.mit.edu/kerberos/dist/krb5/%{krb5_version_major_minor}/krb5-%{krb5_version}%{?krb5_pre_release}.tar.gz
+Source1: https://web.mit.edu/kerberos/dist/krb5/%{krb5_version_major_minor}/krb5-%{krb5_version}%{?krb5_pre_release}.tar.gz.asc
 
 # Numbering is a relic of old init systems etc.  It's easiest to just leave.
 Source2: kprop.service