diff --git a/.gitignore b/.gitignore
index 1eed1cf..98f42ec 100644
--- a/.gitignore
+++ b/.gitignore
@@ -169,3 +169,5 @@ krb5-1.8.3-pdf.tar.gz
 /krb5-1.17-beta1.tar.gz
 /krb5-1.17-beta1.tar.gz.asc
 /krb5-1.17-beta1-pdfs.tar
+/krb5-1.17-beta2.tar.gz
+/krb5-1.17-beta2.tar.gz.asc
diff --git a/Add-tests-for-KCM-ccache-type.patch b/Add-tests-for-KCM-ccache-type.patch
index e51fc20..ef9b875 100644
--- a/Add-tests-for-KCM-ccache-type.patch
+++ b/Add-tests-for-KCM-ccache-type.patch
@@ -1,4 +1,4 @@
-From 38fb1102b18d6720d4c0aa4db879d05dfce87618 Mon Sep 17 00:00:00 2001
+From b361f6bbc2873bd54963076738dc3ae6224261a0 Mon Sep 17 00:00:00 2001
 From: Greg Hudson <ghudson@mit.edu>
 Date: Thu, 22 Nov 2018 00:27:35 -0500
 Subject: [PATCH] Add tests for KCM ccache type
diff --git a/Become-FIPS-aware.patch b/Become-FIPS-aware.patch
index d5f7911..20c211d 100644
--- a/Become-FIPS-aware.patch
+++ b/Become-FIPS-aware.patch
@@ -1,4 +1,4 @@
-From d49cdc4f701d072b59d57d14bc9c19e9fba42396 Mon Sep 17 00:00:00 2001
+From 6e1f7b50b36e0036838c91841c83360fdd567ec5 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Fri, 9 Nov 2018 15:12:21 -0500
 Subject: [PATCH] Become FIPS-aware
diff --git a/Fix-spurious-errors-from-kcmio_unix_socket_write.patch b/Fix-spurious-errors-from-kcmio_unix_socket_write.patch
deleted file mode 100644
index 876f5ac..0000000
--- a/Fix-spurious-errors-from-kcmio_unix_socket_write.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 5d925544465008f1695b3595531443aa78613365 Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Mon, 5 Nov 2018 13:49:52 -0500
-Subject: [PATCH] Fix spurious errors from kcmio_unix_socket_write
-
-Commit 33634a940166d0b21c3105bab8dcf5550fbbd678 accidentally changed
-the return value from kcmio_unix_socket_write to be the result of the
-write call.  Most commonly this resulted in it returning 8, which led
-to many commands failing with "Exec format error".
-
-ticket: 8758 (new)
-tags: pullup
-target_version: 1.17-next
-
-(cherry picked from commit 3e76ea104cdaf22c4537833b203f8aeed1691f18)
----
- src/lib/krb5/ccache/cc_kcm.c | 7 +++----
- 1 file changed, 3 insertions(+), 4 deletions(-)
-
-diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c
-index 2b9f82e32..092ab7daf 100644
---- a/src/lib/krb5/ccache/cc_kcm.c
-+++ b/src/lib/krb5/ccache/cc_kcm.c
-@@ -308,8 +308,9 @@ kcmio_unix_socket_write(krb5_context context, struct kcmio *io, void *request,
- 
-     for (;;) {
-         ret = krb5int_net_writev(context, io->fd, sg, 2);
--        if (ret < 0)
--            ret = errno;
-+        if (ret >= 0)
-+            return 0;
-+        ret = errno;
-         if (ret != EPIPE || reconnected)
-             return ret;
- 
-@@ -327,8 +328,6 @@ kcmio_unix_socket_write(krb5_context context, struct kcmio *io, void *request,
-             return ret;
-         reconnected = TRUE;
-     }
--
--    return ret;
- }
- 
- /* Read a KCM reply: 4-byte big-endian length, 4-byte big-endian status code,
diff --git a/In-FIPS-mode-add-plaintext-fallback-for-RC4-usages-a.patch b/In-FIPS-mode-add-plaintext-fallback-for-RC4-usages-a.patch
index 37de314..78fb0d9 100644
--- a/In-FIPS-mode-add-plaintext-fallback-for-RC4-usages-a.patch
+++ b/In-FIPS-mode-add-plaintext-fallback-for-RC4-usages-a.patch
@@ -1,4 +1,4 @@
-From 461739cdd608724020362bf0de07f76844bbfe10 Mon Sep 17 00:00:00 2001
+From 2bd85da058d2d73eb2818a8e64656fec9b21b3c3 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 31 Jul 2018 13:47:26 -0400
 Subject: [PATCH] In FIPS mode, add plaintext fallback for RC4 usages and taint
diff --git a/krb5-1.11-kpasswdtest.patch b/krb5-1.11-kpasswdtest.patch
index 8cff1ca..c5dc157 100644
--- a/krb5-1.11-kpasswdtest.patch
+++ b/krb5-1.11-kpasswdtest.patch
@@ -1,4 +1,4 @@
-From 90dd728245603a47e84dd3ba783c9c0a81ffc1a7 Mon Sep 17 00:00:00 2001
+From 6e8f8054396459c1f53c838801b0a75d235fdabb Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 23 Aug 2016 16:52:01 -0400
 Subject: [PATCH] krb5-1.11-kpasswdtest.patch
diff --git a/krb5-1.11-run_user_0.patch b/krb5-1.11-run_user_0.patch
index bbe3b7c..d8dd892 100644
--- a/krb5-1.11-run_user_0.patch
+++ b/krb5-1.11-run_user_0.patch
@@ -1,4 +1,4 @@
-From f325467c9d2298fd17d0fb223a2aeff37fed6ce6 Mon Sep 17 00:00:00 2001
+From ac7370914ab1646ac79475399ff5e9ca4ec58737 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 23 Aug 2016 16:49:57 -0400
 Subject: [PATCH] krb5-1.11-run_user_0.patch
diff --git a/krb5-1.12-api.patch b/krb5-1.12-api.patch
index eccb1a1..1ec3e8c 100644
--- a/krb5-1.12-api.patch
+++ b/krb5-1.12-api.patch
@@ -1,4 +1,4 @@
-From 77ac260bdbd1fdd5fded4738b57bb05c5f1e7480 Mon Sep 17 00:00:00 2001
+From eaaca3b6e9eb279ba7c50af95f0c84068927da16 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 23 Aug 2016 16:47:00 -0400
 Subject: [PATCH] krb5-1.12-api.patch
diff --git a/krb5-1.12-ksu-path.patch b/krb5-1.12-ksu-path.patch
index 0ecb9d8..773b134 100644
--- a/krb5-1.12-ksu-path.patch
+++ b/krb5-1.12-ksu-path.patch
@@ -1,4 +1,4 @@
-From 5bd610ea4b4898b64e92e335327d9c5bc17c01fc Mon Sep 17 00:00:00 2001
+From b4804625f0b778ceaabdcc4fb448e7b5ba1523a5 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 23 Aug 2016 16:32:09 -0400
 Subject: [PATCH] krb5-1.12-ksu-path.patch
diff --git a/krb5-1.12-ktany.patch b/krb5-1.12-ktany.patch
index d5d116f..b0691dc 100644
--- a/krb5-1.12-ktany.patch
+++ b/krb5-1.12-ktany.patch
@@ -1,4 +1,4 @@
-From 4950d6b9bff6fd4ede043946d20fffc0303af2ea Mon Sep 17 00:00:00 2001
+From 001a4204b41823b939ca7f6ff82cc55c084e69d9 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 23 Aug 2016 16:33:53 -0400
 Subject: [PATCH] krb5-1.12-ktany.patch
diff --git a/krb5-1.12.1-pam.patch b/krb5-1.12.1-pam.patch
index 4696ea5..e89f2b0 100644
--- a/krb5-1.12.1-pam.patch
+++ b/krb5-1.12.1-pam.patch
@@ -1,4 +1,4 @@
-From 6d4f52b62dd2213704ac4361f9ef6c017ec78085 Mon Sep 17 00:00:00 2001
+From c734e307fb5cf75d2a54147ffe9b14b0c8a0558b Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 23 Aug 2016 16:29:58 -0400
 Subject: [PATCH] krb5-1.12.1-pam.patch
diff --git a/krb5-1.13-dirsrv-accountlock.patch b/krb5-1.13-dirsrv-accountlock.patch
index 199630d..cfdd2d8 100644
--- a/krb5-1.13-dirsrv-accountlock.patch
+++ b/krb5-1.13-dirsrv-accountlock.patch
@@ -1,4 +1,4 @@
-From c6f1e5922c457e46566728b859c8cfd7dfcca873 Mon Sep 17 00:00:00 2001
+From 6ac22c213525b704183106053e7a49d7a18f3903 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 23 Aug 2016 16:47:44 -0400
 Subject: [PATCH] krb5-1.13-dirsrv-accountlock.patch
diff --git a/krb5-1.15-beta1-buildconf.patch b/krb5-1.15-beta1-buildconf.patch
index da392ac..9dcbd9a 100644
--- a/krb5-1.15-beta1-buildconf.patch
+++ b/krb5-1.15-beta1-buildconf.patch
@@ -1,4 +1,4 @@
-From 15a15da6b29fd16faee37560a0d099164fc927a1 Mon Sep 17 00:00:00 2001
+From ee22f82b9a68f39a7c02b8eb75981c978d0f6e8c Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 23 Aug 2016 16:45:26 -0400
 Subject: [PATCH] krb5-1.15-beta1-buildconf.patch
diff --git a/krb5-1.17-beta1-selinux-label.patch b/krb5-1.17-beta1-selinux-label.patch
index 8e67789..4895fec 100644
--- a/krb5-1.17-beta1-selinux-label.patch
+++ b/krb5-1.17-beta1-selinux-label.patch
@@ -1,4 +1,4 @@
-From f1ccca4209dea8da5135a3b4c34f925ef9e08824 Mon Sep 17 00:00:00 2001
+From 08e57eb589daa83dcbada0d1f81d5fb8dbe31fc4 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 23 Aug 2016 16:30:53 -0400
 Subject: [PATCH] krb5-1.17-beta1-selinux-label.patch
diff --git a/krb5-1.3.1-dns.patch b/krb5-1.3.1-dns.patch
index 8b33141..a03312f 100644
--- a/krb5-1.3.1-dns.patch
+++ b/krb5-1.3.1-dns.patch
@@ -1,4 +1,4 @@
-From 3bca5a822eb3af61d345074d131bb4399a03412c Mon Sep 17 00:00:00 2001
+From fdfee89c7e849d8aa9d69fb453d87d1dcf750b84 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 23 Aug 2016 16:46:21 -0400
 Subject: [PATCH] krb5-1.3.1-dns.patch
diff --git a/krb5-1.9-debuginfo.patch b/krb5-1.9-debuginfo.patch
index 22278d4..7594a6c 100644
--- a/krb5-1.9-debuginfo.patch
+++ b/krb5-1.9-debuginfo.patch
@@ -1,4 +1,4 @@
-From 3ea3d661c77a3a096cf2a24e48a0610ff308e3bc Mon Sep 17 00:00:00 2001
+From a766fdb8929635483ae7b8f7ff13ad105571f8c1 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Tue, 23 Aug 2016 16:49:25 -0400
 Subject: [PATCH] krb5-1.9-debuginfo.patch
diff --git a/krb5.spec b/krb5.spec
index 68791c3..33bdcea 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -18,18 +18,12 @@ Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.17
 # for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces)
-Release: 1.beta1.3%{?dist}
+Release: 1.beta2.1%{?dist}
 
 # lookaside-cached sources; two downloads and a build artifact
 Source0: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}%{prerelease}.tar.gz
 # rharwood has trust path to signing key and verifies on check-in
 Source1: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}%{prerelease}.tar.gz.asc
-# This source is generated during the build because it is documentation.
-# To override this behavior (e.g., new upstream version), do:
-#     tar cfT krb5-1.15.2-pdfs.tar /dev/null
-# or the like.  This logic persists due to how slow the stranger Fedora
-# architecture builders are.  5 minutes on my laptop, 45 on koji easy.
-Source3: krb5-%{version}%{prerelease}-pdfs.tar
 
 # Numbering is a relic of old init systems etc.  It's easiest to just leave.
 Source2: kprop.service
@@ -60,7 +54,6 @@ Patch33: krb5-1.13-dirsrv-accountlock.patch
 Patch34: krb5-1.9-debuginfo.patch
 Patch35: krb5-1.11-run_user_0.patch
 Patch36: krb5-1.11-kpasswdtest.patch
-Patch87: Fix-spurious-errors-from-kcmio_unix_socket_write.patch
 Patch88: Become-FIPS-aware.patch
 Patch89: In-FIPS-mode-add-plaintext-fallback-for-RC4-usages-a.patch
 Patch90: Add-tests-for-KCM-ccache-type.patch
@@ -248,7 +241,7 @@ contains only the libkadm5clnt and libkadm5serv shared objects. This
 interface is not considered stable.
 
 %prep
-%autosetup -S git -n %{name}-%{version}%{prerelease} -a 3
+%autosetup -S git -n %{name}-%{version}%{prerelease}
 ln NOTICE LICENSE
 
 # Take the execute bit off of documentation.
@@ -349,12 +342,7 @@ sphinx-build -a -b man   -t pathsubs doc build-man
 sphinx-build -a -b html  -t pathsubs doc build-html
 rm -fr build-html/_sources
 sphinx-build -a -b latex -t pathsubs doc build-pdf
-# Build the PDFs if we didn't have pre-built ones.
-for pdf in admin appdev basic build plugindev user ; do
-	test -s build-pdf/$pdf.pdf || make -C build-pdf
-done
-# new krb5-%{version}-pdf
-tar -cf "krb5-%{version}%{prerelease}-pdfs.tar.new" build-pdf/*.pdf
+make -C build-pdf
 
 # We need to cut off any access to locally-running nameservers, too.
 %{__cc} -fPIC -shared -o noport.so -Wall -Wextra $RPM_SOURCE_DIR/noport.c
@@ -711,6 +699,10 @@ exit 0
 %{_libdir}/libkadm5srv_mit.so.*
 
 %changelog
+* Thu Dec 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.1
+- New upstream release (1.17-beta2)
+- Drop pdfs source file
+
 * Thu Nov 29 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.3
 - Add tests for KCM ccache type
 
diff --git a/sources b/sources
index 36da90e..4bc45cb 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,2 @@
-SHA512 (krb5-1.17-beta1.tar.gz) = 4981894e771d5d7cf5eaac9be94e8fcb6b818bc7c03953e15e6187a2b9d5184f354ffe8213e2a9d695b270b8088d2912ba913927c86b6171442a14071458f6c6
-SHA512 (krb5-1.17-beta1.tar.gz.asc) = 81655664d0b6517500c14dc3af5ac741ae22c5029ea2502ad4816e856cf8637dc8394b69921d484d35513cff8b190b25e5f6a6640238ce597e087bf18bfb323d
-SHA512 (krb5-1.17-beta1-pdfs.tar) = 1ddd97432c1210b9b62b67e7027636c2df23041f3a21e73e2de09e7bd741e20c3005e173c80f576272956e91fc01bd6f957bf9df41a24f50f7d1811021cc2a98
+SHA512 (krb5-1.17-beta2.tar.gz) = 4611e2091c74e6de7fe5a3e57c44c4afcc2ebd590dcc1fe99f73fac95aec64574b06bb636acb4cd694e49db76ccdee5448202ab4c653c4330b40b9e42cc1d206
+SHA512 (krb5-1.17-beta2.tar.gz.asc) = cfb826cd69701071411270b75ed8241487e2aef032ae407f866e63c7871dbb23103b02fec73ab8ee4ae085b03216c91e688ad0b77e068054e4b1d3a625fcfc8b