diff --git a/Werkzeug-0.8.3.tar.gz b/Werkzeug-0.8.3.tar.gz
deleted file mode 100644
index b8f4d62..0000000
--- a/Werkzeug-0.8.3.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:108c3d41fb701c4af4ef00e8ebbedc147632c82247beb798c8d8657a12810206
-size 1108617
diff --git a/Werkzeug-0.9.4.tar.gz b/Werkzeug-0.9.4.tar.gz
new file mode 100644
index 0000000..68e6c7b
--- /dev/null
+++ b/Werkzeug-0.9.4.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c1baf7a3e8be70f34d931ee173283f406877bd3d17f372bbe82318a5b3c510cc
+size 1126353
diff --git a/python-Werkzeug.changes b/python-Werkzeug.changes
index 2b2a6e4..f58d9be 100644
--- a/python-Werkzeug.changes
+++ b/python-Werkzeug.changes
@@ -1,3 +1,129 @@
+-------------------------------------------------------------------
+Tue Sep  3 08:12:07 UTC 2013 - dmueller@suse.com
+
+- update to 0.9.4:
+  - Fixed an issue with Python 3.3 and an edge case in cookie parsing.
+  - Fixed decoding errors not handled properly through the WSGI
+    decoding dance.
+  - Fixed URI to IRI conversion incorrectly decoding percent signs.
+  - Restored beahvior of the ``data`` descriptor of the request class to pre 0.9
+    behavior.  This now also means that ``.data`` and ``.get_data()`` have
+    different behavior.  New code should use ``.get_data()`` always.
+
+    In addition to that there is now a flag for the ``.get_data()`` method that
+    controls what should happen with form data parsing and the form parser will
+    honor cached data.  This makes dealing with custom form data more consistent.
+  - Added `unsafe` parameter to :func:`~werkzeug.urls.url_quote`.
+  - Fixed an issue with :func:`~werkzeug.urls.url_quote_plus` not quoting
+    `'+'` correctly.
+  - Ported remaining parts of :class:`~werkzeug.contrib.RedisCache` to
+    Python 3.3.
+  - Ported remaining parts of :class:`~werkzeug.contrib.MemcachedCache` to
+    Python 3.3
+  - Fixed a deprecation warning in the contrib atom module.
+  - Fixed a regression with setting of content types through the
+    headers dictionary instead with the content type parameter.
+  - Use correct name for stdlib secure string comparision function.
+  - Fixed a wrong reference in the docstring of
+    :func:`~werkzeug.local.release_local`.
+  - Fixed an `AttributeError` that sometimes occurred when accessing the
+    :attr:`werkzeug.wrappers.BaseResponse.is_streamed` attribute.
+  - Fixed an issue with integers no longer being accepted in certain
+    parts of the routing system or URL quoting functions.
+  - Fixed an issue with `url_quote` not producing the right escape
+    codes for single digit codepoints.
+  - Fixed an issue with :class:`~werkzeug.wsgi.SharedDataMiddleware` not
+    reading the path correctly and breaking on etag generation in some
+    cases.
+  - Properly handle `Expect: 100-continue` in the development server
+    to resolve issues with curl.
+  - Automatically exhaust the input stream on request close.  This should
+    fix issues where not touching request files results in a timeout.
+  - Fixed exhausting of streams not doing anything if a non-limited
+    stream was passed into the multipart parser.
+  - Raised the buffer sizes for the multipart parser.
+  - Added support for :meth:`~werkzeug.wsgi.LimitedStream.tell`
+    on the limited stream.
+  - :class:`~werkzeug.datastructures.ETags` now is nonzero if it
+    contains at least one etag of any kind, including weak ones.
+  - Added a workaround for a bug in the stdlib for SSL servers.
+  - Improved SSL interface of the devserver so that it can generate
+    certificates easily and load them from files.
+  - Refactored test client to invoke the open method on the class
+    for redirects.  This makes subclassing more powerful.
+  - :func:`werkzeug.wsgi.make_chunk_iter` and
+    :func:`werkzeug.wsgi.make_line_iter` now support processing of
+    iterators and streams.
+  - URL generation by the routing system now no longer quotes
+    ``+``.
+  - URL fixing now no longer quotes certain reserved characters.
+  - The :func:`werkzeug.security.generate_password_hash` and
+    check functions now support any of the hashlib algorithms.
+  - `wsgi.get_current_url` is now ascii safe for browsers sending
+    non-ascii data in query strings.
+  - improved parsing behavior for :func:`werkzeug.http.parse_options_header`
+  - added more operators to local proxies.
+  - added a hook to override the default converter in the routing
+    system.
+  - The description field of HTTP exceptions is now always escaped.
+    Use markup objects to disable that.
+  - Added number of proxy argument to the proxy fix to make it more
+    secure out of the box on common proxy setups.  It will by default
+    no longer trust the x-forwarded-for header as much as it did
+    before.
+  - Added support for fragment handling in URI/IRI functions.
+  - Added custom class support for :func:`werkzeug.http.parse_dict_header`.
+  - Renamed `LighttpdCGIRootFix` to `CGIRootFix`.
+  - Always treat `+` as safe when fixing URLs as people love misusing them.
+  - Added support to profiling into directories in the contrib profiler.
+  - The escape function now by default escapes quotes.
+  - Changed repr of exceptions to be less magical.
+  - Simplified exception interface to no longer require environmnts
+    to be passed to recieve the response object.
+  - Added sentinel argument to IterIO objects.
+  - Added pbkdf2 support for the security module.
+  - Added a plain request type that disables all form parsing to only
+    leave the stream behind.
+  - Removed support for deprecated `fix_headers`.
+  - Removed support for deprecated `header_list`.
+  - Removed support for deprecated parameter for `iter_encoded`.
+  - Removed support for deprecated non-silent usage of the limited
+    stream object.
+  - Removed support for previous dummy `writable` parameter on
+    the cached property.
+  - Added support for explicitly closing request objects to close
+    associated resources.
+  - Conditional request handling or access to the data property on responses no
+    longer ignores direct passthrough mode.
+  - Removed werkzeug.templates and werkzeug.contrib.kickstart.
+  - Changed host lookup logic for forwarded hosts to allow lists of
+    hosts in which case only the first one is picked up.
+  - Added `wsgi.get_query_string`, `wsgi.get_path_info` and
+    `wsgi.get_script_name` and made the `wsgi.pop_path_info` and
+    `wsgi.peek_path_info` functions perform unicode decoding.  This
+    was necessary to avoid having to expose the WSGI encoding dance
+    on Python 3.
+  - Added `content_encoding` and `content_md5` to the request object's
+    common request descriptor mixin.
+  - added `options` and `trace` to the test client.
+  - Overhauled the utilization of the input stream to be easier to use
+    and better to extend.  The detection of content payload on the input
+    side is now more compliant with HTTP by detecting off the content
+    type header instead of the request method.  This also now means that
+    the stream property on the request class is always available instead
+    of just when the parsing fails.
+  - Added support for using :class:`werkzeug.wrappers.BaseResponse` in a with
+    statement.
+  - Changed `get_app_iter` to fetch the response early so that it does not
+    fail when wrapping a response iterable.  This makes filtering easier.
+  - Introduced `get_data` and `set_data` methods for responses.
+  - Introduced `get_data` for requests.
+  - Soft deprecated the `data` descriptors for request and response objects.
+  - Added `as_bytes` operations to some of the headers to simplify working
+    with things like cookies.
+  - Made the debugger paste tracebacks into github's gist service as
+    private pastes.
+
 -------------------------------------------------------------------
 Mon Mar 12 21:35:29 UTC 2012 - saschpe@gmx.de
 
diff --git a/python-Werkzeug.spec b/python-Werkzeug.spec
index 0116e11..90be4f5 100644
--- a/python-Werkzeug.spec
+++ b/python-Werkzeug.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package python-Werkzeug
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 
 
 Name:           python-Werkzeug
-Version:        0.8.3
+Version:        0.9.4
 Release:        0
 Url:            http://werkzeug.pocoo.org/
 Summary:        The Swiss Army knife of Python web development