diff --git a/.gitignore b/.gitignore
index 3d0ed91..22c2d0a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -38,3 +38,4 @@
 /keepalived-2.2.2.tar.gz
 /keepalived-2.2.3.tar.gz
 /keepalived-2.2.4.tar.gz
+/keepalived-2.2.8.tar.gz
diff --git a/bz2028351-fix-dbus-policy-restrictions.patch b/bz2028351-fix-dbus-policy-restrictions.patch
deleted file mode 100644
index 7df76e0..0000000
--- a/bz2028351-fix-dbus-policy-restrictions.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 763eaa49343acdda5ff359012e8cc49c9ffc8e81 Mon Sep 17 00:00:00 2001
-From: Vincent Bernat <vincent@bernat.ch>
-Date: Tue, 23 Nov 2021 06:50:59 +0100
-Subject: [PATCH] dbus: fix policy to not be overly broad
-
-The DBus policy did not restrict the message destination, allowing any
-user to inspect and manipulate any property.
-
-Signed-off-by: Vincent Bernat <vincent@bernat.ch>
----
- keepalived/dbus/org.keepalived.Vrrp1.conf | 13 ++++++++-----
- 1 file changed, 8 insertions(+), 5 deletions(-)
-
-diff --git a/keepalived/dbus/org.keepalived.Vrrp1.conf b/keepalived/dbus/org.keepalived.Vrrp1.conf
-index 2b78a575..b5ced608 100644
---- a/keepalived/dbus/org.keepalived.Vrrp1.conf
-+++ b/keepalived/dbus/org.keepalived.Vrrp1.conf
-@@ -3,12 +3,15 @@
-  "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
- <busconfig>
- 	<policy user="root">
--		<allow own="org.keepalived.Vrrp1"/>
--		<allow send_destination="org.keepalived.Vrrp1"/>
-+		<allow own="org.keepalived.Vrrp1" />
-+		<allow send_destination="org.keepalived.Vrrp1" />
- 	</policy>
- 	<policy context="default">
--		<allow send_interface="org.freedesktop.DBus.Introspectable" />
--		<allow send_interface="org.freedesktop.DBus.Peer" />
--		<allow send_interface="org.freedesktop.DBus.Properties" />
-+		<allow send_destination="org.keepalived.Vrrp1"
-+		       send_interface="org.freedesktop.DBus.Introspectable" />
-+		<allow send_destination="org.keepalived.Vrrp1"
-+		       send_interface="org.freedesktop.DBus.Peer" />
-+		<allow send_destination="org.keepalived.Vrrp1"
-+		       send_interface="org.freedesktop.DBus.Properties" />
- 	</policy>
- </busconfig>
--- 
-2.33.1
-
diff --git a/bz2102493-fix-variable-substitution.patch b/bz2102493-fix-variable-substitution.patch
deleted file mode 100644
index d670c1a..0000000
--- a/bz2102493-fix-variable-substitution.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 332262ec91f85cd4224816d2803d818015239007 Mon Sep 17 00:00:00 2001
-From: Quentin Armitage <quentin@armitage.org.uk>
-Date: Wed, 29 Jun 2022 09:18:15 +0100
-Subject: [PATCH] parser: optimise fixing recalculating updated line length
-
-Commit 1ffad9a - "recalculate buffer length inside recheck loop"
-resolved the issue but calls strlen(buf) more often than necessary.
-
-This commit only calls strlen(buf) when the line buffer is modified.
-
-Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
----
- lib/parser.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/lib/parser.c b/lib/parser.c
-index bcabd07f..2146f38b 100644
---- a/lib/parser.c
-+++ b/lib/parser.c
-@@ -2809,6 +2809,9 @@ read_line(char *buf, size_t size)
- 					recheck = true;
- 				if (strchr(buf, '$'))
- 					recheck = true;
-+
-+				if (recheck)
-+					len = strlen(buf);
- 			}
- 		} while (recheck);
- 	} while (buf[0] == '\0' || check_include(buf));
--- 
-2.38.1
-
diff --git a/bz2134749-fix-memory-leak-https-checks.patch b/bz2134749-fix-memory-leak-https-checks.patch
deleted file mode 100644
index 3b3886d..0000000
--- a/bz2134749-fix-memory-leak-https-checks.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From b8b463159d9bcb05505ec128b5c2926ace0b3e92 Mon Sep 17 00:00:00 2001
-From: Quentin Armitage <quentin@armitage.org.uk>
-Date: Thu, 13 Oct 2022 08:32:17 +0100
-Subject: [PATCH] ipvs: Work around OpenSSL memory leak in versions 3.0.0 to
- 3.0.4
-
-The memory leak was observed with OpenSSL 3.0.1, and it is resolved
-by version 3.0.5. Also the leak is not observed in v1.1.1n.
-
-Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
----
- keepalived/check/check_ssl.c | 20 +++++++++++++++++++-
- 1 file changed, 19 insertions(+), 1 deletion(-)
-
-diff --git a/keepalived/check/check_ssl.c b/keepalived/check/check_ssl.c
-index 917ac0d7..50efa824 100644
---- a/keepalived/check/check_ssl.c
-+++ b/keepalived/check/check_ssl.c
-@@ -229,7 +229,25 @@ ssl_connect(thread_ref_t thread, int new_req)
- 		BIO_get_fd(req->bio, &bio_fd);
- 		if (fcntl(bio_fd, F_SETFD, fcntl(bio_fd, F_GETFD) | FD_CLOEXEC) == -1)
- 			log_message(LOG_INFO, "Setting CLOEXEC failed on ssl socket - errno %d", errno);
--#ifdef HAVE_SSL_SET0_RBIO
-+
-+		/* There is a memory leak in openSSL at least in version 3.0.1, which is fixed
-+		 * by version 3.0.5. It was not present in version 1.1.1n. Since I haven't been
-+		 * able to identify the OpenSSL patch that resolved the leak, we play safe and
-+		 * assume it is in versions 3.0.0 up to 3.0.4.
-+		 * The leak is memory allocated by
-+		 *   p = OPENSSL_malloc(len);
-+		 * in ssl3_setup_write_buffer() in ssl/record/ssl_buffer.c
-+		 *
-+		 * It appears that setting SSL_MODE_RELEASE_BUFFERS causes the memory leak not
-+		 * to occur.
-+		 */
-+#ifdef OPENSSL_VERSION_MAJOR
-+#if OPENSSL_VERSION_MAJOR == 3 && OPENSSL_VERSION_MINOR == 0 && OPENSSL_VERSION_PATCH <= 4
-+		SSL_set_mode(req->ssl, SSL_MODE_RELEASE_BUFFERS);
-+#endif
-+#endif
-+
-+#if defined HAVE_SSL_SET0_RBIO && defined HAVE_SSL_SET0_WBIO
- 		BIO_up_ref(req->bio);
- 		SSL_set0_rbio(req->ssl, req->bio);
- 		SSL_set0_wbio(req->ssl, req->bio);
--- 
-2.38.1
-
diff --git a/keepalived.spec b/keepalived.spec
index ecbb93a..fc5cd44 100644
--- a/keepalived.spec
+++ b/keepalived.spec
@@ -10,18 +10,14 @@
 
 Name: keepalived
 Summary: High Availability monitor built upon LVS, VRRP and service pollers
-Version: 2.2.4
-Release: 6%{?dist}
+Version: 2.2.8
+Release: 1%{?dist}
 License: GPLv2+
 URL: http://www.keepalived.org/
 
 Source0: http://www.keepalived.org/software/keepalived-%{version}.tar.gz
 Source1: keepalived.service
 
-Patch1: bz2028351-fix-dbus-policy-restrictions.patch
-Patch2: bz2102493-fix-variable-substitution.patch
-Patch3: bz2134749-fix-memory-leak-https-checks.patch
-
 Requires(post): systemd
 Requires(preun): systemd
 Requires(postun): systemd
@@ -61,9 +57,6 @@ infrastructures.
 
 %prep
 %setup -q
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
 
 %build
 %configure \
@@ -73,7 +66,7 @@ infrastructures.
     %{?with_snmp:--enable-snmp --enable-snmp-rfc} \
     %{?with_nftables:--enable-nftables --disable-iptables} \
     %{?with_sha1:--enable-sha1} \
-    %{?with_sha1:--enable-json} \
+    %{?with_json:--enable-json} \
     --with-init=systemd
 %{__make} %{?_smp_mflags} STRIP=/bin/true
 
@@ -114,6 +107,9 @@ mkdir -p %{buildroot}%{_libexecdir}/keepalived
 %{_mandir}/man8/keepalived.8*
 
 %changelog
+* Thu Jun 15 2023 Ryan O'Hara <rohara@redhat.com> - 2.2.8-1
+- Update to 2.2.8 (#2215308)
+
 * Fri Dec 23 2022 Ryan O'Hara <rohara@redhat.com> - 2.2.4-6
 - Fix unterminated endif in previous patch (#2134749)
 
diff --git a/sources b/sources
index 1ab012a..68261a4 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (keepalived-2.2.4.tar.gz) = b8b0f3e7092b7b7093a9927259928076ee95ed176dd26b3a5c38e8c0dc7b83468433944905618dbc9e4b73b81b0cd3f16c2db4234ed4fcdf30f4fc0e532f9422
+SHA512 (keepalived-2.2.8.tar.gz) = dc0ab5b0ef8911a7859422eccc2771a40e942236c855a628158ed748eb5f7dc4b6f4850e9c3057e81fd9d2daa640ab51fb1d7af12748a613280a217b333eb06b