diff --git a/.gitignore b/.gitignore
index 918cc33..84741e1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
 SOURCES/pkg-varnish-cache-0ad2f22.tar.gz
-SOURCES/varnish-6.0.6.tgz
+SOURCES/varnish-6.0.8.tgz
diff --git a/.varnish.metadata b/.varnish.metadata
index aa082b2..597d7a5 100644
--- a/.varnish.metadata
+++ b/.varnish.metadata
@@ -1,2 +1,2 @@
 db2cd6c296e7f19d65c09e642b7011338d9d0e04 SOURCES/pkg-varnish-cache-0ad2f22.tar.gz
-c9cdd61f46d70b1bf8cb5eac3510aa3f4cf5c326 SOURCES/varnish-6.0.6.tgz
+7c5e50eabcd3c0ddb6c463ba4645678a2f71233a SOURCES/varnish-6.0.8.tgz
diff --git a/SOURCES/varnish-6.0.6-CVE-2021-36740.patch b/SOURCES/varnish-6.0.6-CVE-2021-36740.patch
deleted file mode 100644
index 4ba456b..0000000
--- a/SOURCES/varnish-6.0.6-CVE-2021-36740.patch
+++ /dev/null
@@ -1,141 +0,0 @@
-From 9be22198e258d0e7a5c41f4291792214a29405cf Mon Sep 17 00:00:00 2001
-From: Martin Blix Grydeland
-Date: Tue, 22 Jun 2021 11:47:55 +0200
-Subject: [PATCH] Take content length into account on H/2 request bodies
-
-When receiving H/2 data frames, make sure to take the advertised content
-length into account, and fail appropriately if the combined sum of the
-data frames does not match the content length.
----
- bin/varnishd/http2/cache_http2.h | 2 ++
- bin/varnishd/http2/cache_http2_proto.c | 49 ++++++++++++++++++++------
- 2 files changed, 40 insertions(+), 11 deletions(-)
-
-diff --git a/bin/varnishd/http2/cache_http2.h b/bin/varnishd/http2/cache_http2.h
-index c377d03aac..205b96ccb7 100644
---- a/bin/varnishd/http2/cache_http2.h
-+++ b/bin/varnishd/http2/cache_http2.h
-@@ -131,6 +131,8 @@ struct h2_req {
- /* Where to wake this stream up */
- struct worker *wrk;
- 
-+ ssize_t reqbody_bytes;
-+
- VTAILQ_ENTRY(h2_req) tx_list;
- h2_error error;
- 
-diff --git a/bin/varnishd/http2/cache_http2_proto.c b/bin/varnishd/http2/cache_http2_proto.c
-index cb35bb4873..98f5dc4f37 100644
---- a/bin/varnishd/http2/cache_http2_proto.c
-+++ b/bin/varnishd/http2/cache_http2_proto.c
-@@ -546,7 +546,7 @@ h2_end_headers(struct worker *wrk, struct h2_sess *h2,
- struct req *req, struct h2_req *r2)
- {
- h2_error h2e;
-- const char *b;
-+ ssize_t cl;
- 
- ASSERT_RXTHR(h2);
- assert(r2->state == H2_S_OPEN);
-@@ -572,14 +572,24 @@ h2_end_headers(struct worker *wrk, struct h2_sess *h2,
- // XXX: Have I mentioned H/2 Is hodge-podge ?
- http_CollectHdrSep(req->http, H_Cookie, "; "); // rfc7540,l,3114,3120
- 
-+ cl = http_GetContentLength(req->http);
-+ assert(cl >= -2);
-+ if (cl == -2) {
-+ VSLb(h2->vsl, SLT_Debug, "Non-parseable Content-Length");
-+ return (H2SE_PROTOCOL_ERROR);
-+ }
-+
- if (req->req_body_status == REQ_BODY_INIT) {
-- if (!http_GetHdr(req->http, H_Content_Length, &b))
-+ if (cl == -1)
- req->req_body_status = REQ_BODY_WITHOUT_LEN;
- else
- req->req_body_status = REQ_BODY_WITH_LEN;
-+ req->htc->content_length = cl;
- } else {
-+ /* A HEADER frame contained END_STREAM */
- assert (req->req_body_status == REQ_BODY_NONE);
-- if (http_GetContentLength(req->http) > 0)
-+ r2->state = H2_S_CLOS_REM;
-+ if (cl > 0)
- return (H2CE_PROTOCOL_ERROR); //rfc7540,l,1838,1840
- }
- 
-@@ -736,6 +746,7 @@ h2_rx_data(struct worker *wrk, struct h2_sess *h2, struct h2_req *r2)
- int w1 = 0, w2 = 0;
- char buf[4];
- unsigned wi;
-+ ssize_t cl;
- 
- CHECK_OBJ_NOTNULL(wrk, WORKER_MAGIC);
- ASSERT_RXTHR(h2);
-@@ -754,6 +765,23 @@ h2_rx_data(struct worker *wrk, struct h2_sess *h2, struct h2_req *r2)
- Lck_Unlock(&h2->sess->mtx);
- return (h2->error ? h2->error : r2->error);
- }
-+
-+ r2->reqbody_bytes += h2->rxf_len;
-+ if (h2->rxf_flags & H2FF_DATA_END_STREAM)
-+ r2->state = H2_S_CLOS_REM;
-+ cl = r2->req->htc->content_length;
-+ if (cl >= 0 && (r2->reqbody_bytes > cl ||
-+ (r2->state >= H2_S_CLOS_REM && r2->reqbody_bytes != cl))) {
-+ VSLb(h2->vsl, SLT_Debug,
-+ "H2: stream %u: Received data and Content-Length"
-+ " mismatch", h2->rxf_stream);
-+ r2->error = H2SE_PROTOCOL_ERROR; // rfc7540,l,3150,3163
-+ if (r2->cond)
-+ AZ(pthread_cond_signal(r2->cond));
-+ Lck_Unlock(&h2->sess->mtx);
-+ return (H2SE_PROTOCOL_ERROR);
-+ }
-+
- AZ(h2->mailcall);
- h2->mailcall = r2;
- h2->req0->r_window -= h2->rxf_len;
-@@ -772,6 +800,8 @@ h2_rx_data(struct worker *wrk, struct h2_sess *h2, struct h2_req *r2)
- r2->r_window += wi;
- w2 = 1;
- }
-+
-+
- Lck_Unlock(&h2->sess->mtx);
- 
- if (w1 || w2) {
-@@ -794,7 +824,7 @@ h2_vfp_body(struct vfp_ctx *vc, struct vfp_entry *vfe, void *ptr, ssize_t *lp)
- struct h2_req *r2;
- struct h2_sess *h2;
- unsigned l;
-- enum vfp_status retval = VFP_OK;
-+ enum vfp_status retval;
- 
- CHECK_OBJ_NOTNULL(vc, VFP_CTX_MAGIC);
- CHECK_OBJ_NOTNULL(vfe, VFP_ENTRY_MAGIC);
-@@ -807,7 +837,6 @@ h2_vfp_body(struct vfp_ctx *vc, struct vfp_entry *vfe, void *ptr, ssize_t *lp)
- *lp = 0;
- 
- Lck_Lock(&h2->sess->mtx);
-- assert (r2->state == H2_S_OPEN);
- r2->cond = &vc->wrk->cond;
- while (h2->mailcall != r2 && h2->error == 0 && r2->error == 0)
- AZ(Lck_CondWait(r2->cond, &h2->sess->mtx, 0));
-@@ -830,12 +859,10 @@ h2_vfp_body(struct vfp_ctx *vc, struct vfp_entry *vfe, void *ptr, ssize_t *lp)
- Lck_Unlock(&h2->sess->mtx);
- return (VFP_OK);
- }
-- if (h2->rxf_len == 0) {
-- if (h2->rxf_flags & H2FF_DATA_END_STREAM) {
-- retval = VFP_END;
-- r2->state = H2_S_CLOS_REM;
-- }
-- }
-+ if (h2->rxf_len == 0 && r2->state >= H2_S_CLOS_REM)
-+ retval = VFP_END;
-+ else
-+ retval = VFP_OK;
- h2->mailcall = NULL;
- AZ(pthread_cond_signal(h2->cond));
- }
diff --git a/SPECS/varnish.spec b/SPECS/varnish.spec
index 59660c9..bcd941a 100644
--- a/SPECS/varnish.spec
+++ b/SPECS/varnish.spec
@@ -18,8 +18,8 @@ Summary: High-performance HTTP accelerator
 Name: varnish
-Version: 6.0.6
-Release: 2%{?dist}.1
+Version: 6.0.8
+Release: 1%{?dist}
 License: BSD
 Group: System Environment/Daemons
 URL: https://www.varnish-cache.org/
@@ -32,9 +32,6 @@ Patch9: varnish-5.1.1.fix_python_version.patch
 # https://github.com/varnishcache/varnish-cache/commit/5220c394232c25bb7a807a35e7394059ecefa821#diff-2279587378a4426edde05f42e1acca5e
 Patch11: varnish-6.0.0.fix_el6_fortify_source.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=1982409
-Patch100: varnish-6.0.6-CVE-2021-36740.patch
-
 Obsoletes: varnish-libs
 
 %if %{with python3}
@@ -143,8 +140,6 @@ sed -i '8 i\RPM_BUILD_ROOT=%{buildroot}' find-provides
 %patch11 -p0
 %endif
 
-%patch100 -p1 -b .CVE-2021-36740
-
 %build
 %if 0%{?rhel} == 6
 export CFLAGS="%{optflags} -fPIC"
@@ -376,8 +371,9 @@ fi
 
 %changelog
-* Thu Jul 22 2021 Luboš Uhliarik - 6.0.6-2.1
-- Resolves: #1982861 - CVE-2021-36740 varnish:6/varnish: HTTP/2 request
+* Thu Jul 22 2021 Luboš Uhliarik - 6.0.8-1
+- new version 6.0.8
+- Resolves: #1982862 - CVE-2021-36740 varnish:6/varnish: HTTP/2 request
   smuggling attack via a large Content-Length header for a POST request
 
 * Tue Apr 14 2020 Lubos Uhliarik - 6.0.6-2
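Review bot: The %changelog hunk overwrites the existing `6.0.6-2.1` entry instead of prepending a new one, so the record of that earlier CVE-2021-36740 build and its bug reference `#1982861` disappears from the spec; RPM changelogs are append-only and the old entry should stay below the new `6.0.8-1` one. The new entry should also say why `Patch100` was dropped, since after this change nothing in the spec records that the CVE fix is present, e.g. `- drop varnish-6.0.6-CVE-2021-36740.patch, fix is included in upstream 6.0.8`. Whether the 6.0.8 tarball actually carries upstream commit 9be22198 (the commit the deleted backport was taken from) is not evidenced by this diff and should be confirmed against the new source before the backport is removed rather than assumed from the version number.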