diff --git a/libunbound-devel-mini.changes b/libunbound-devel-mini.changes index d5263f5..18fe4e4 100644 --- a/libunbound-devel-mini.changes +++ b/libunbound-devel-mini.changes 
@@ -1,4 +1,226 @@ ------------------------------------------------------------------- +Thu Aug 12 18:02:18 UTC 2021 - Michael Ströder + +- update to 1.13.2 + +Features +- Merge PR #317: ZONEMD Zone Verification, with RFC 8976 support. + ZONEMD records are checked for zones loaded as auth-zone, + with DNSSEC if available. There is an added option + zonemd-permissive-mode that makes it log but not fail wrong zones. + With zonemd-reject-absence for an auth-zone the presence of a + zonemd can be mandated for specific zones. +- Fix: Resolve interface names on control-interface too. +- Merge #470 from edevil: Allow configuration of persistent TCP + connections. +- Fix #474: always_null and others inside view. +- Add that log-servfail prints an IP address and more information + about one of the last failures for that query. +- Merge #478: Allow configuration of TCP timeout while waiting for + response. +- Add ./configure --with-deprecate-rsa-1024 that turns off RSA 1024. +- Move the NSEC3 max iterations count in line with the 150 value + used by BIND, Knot and PowerDNS. This sets the default value + for it in the configuration to 150 for all key sizes. +- zonemd-check: yesno option, default no, enables the processing + of ZONEMD records for that zone. +- Merge #486 by fobster: Make VAL_MAX_RESTART_COUNT configurable. +- Merge PR #491: Add SVCB and HTTPS types and handling according to + draft-ietf-dnsop-svcb-https. +- Introduce 'http-user-agent:' and 'hide-http-user-agent:' options. + +Bug Fixes +- Fix for Python 3.9, no longer use deprecated functions of + PyEval_CallObject (now PyObject_Call), PyEval_InitThreads (now + none), PyParser_SimpleParseFile (now Py_CompileString). +- Merge PR #420 from dyunwei: DOH not responsing with + "http2_query_read_done failure" logged. +- Fix #422: IPv6 fallback issues when IPv6 is not properly + enabled/configured. +- Fix to make tests work with support indicators set for iterator. +- Fix build on Python 3.10. 
+- Fix doxygen and pydoc warnings. +- Fix #429: rpz: url: with https: broken (regression in 1.13.1). +- rpz skip nsec3param records, and nicer log for unsupported actions. +- Fix #431: Squelch permission denied errors for tcp connect + and udp connect from the logs, unless at high verbosity. +- Fix for zonemd, that nxdomain for the chain of trust is allowed + for island zones, it is treated as an insecure zone for verification. +- Fix for zonemd, that domain-insecure zones work without dnssec. +- Fix for zonemd, do not reject insecure result from trust anchor + validation step in dnssec chain of trust. +- On startup of unbound it checks if rlimits on memory size look + sufficient for the configured cache size, and logs warning if not. +- Fix function documentation. +- Fix unit test for added ulimit checks. +- spelling fix in header. +- Fix #384: (1) A minor request to improve the log (2) A minor bug in one + log message. +- ipsecmod: Better logging for detecting a cycle when attaching the + A/AAAA subquery. +- Merge PR #367 : DNSTAP log local address. With code from PR #365 + and fixes #368 : dnstap does not log the DNS message ID for + FORWARDER_QUERY. +- Fix to allow rpz with wildcard that applies to all TLDs at once. +- Fix for #367: rc_ports don't have ub_sock; skip cleaning up. +- Fix spurious errors about "Could not generate request: out of + memory". The mesh detect cycle routine no longer wrongly stops + the check when the calling mesh state is unique. +- Workaround for #439: prevent loops in the reuse rbtree. +- Debug output for #411 and #439: printout internal error and details. +- Fix parse of LOC RR type for decimetres. +- Fix #441: Minimal NSEC range not accepted for top level domains. +- Fix for #447: squelch connection refused tcp connection failures + from the log, unless verbosity is high. +- Merge #449 from orbea: build: Add missing linker flags. +- Comment out nonworking OSX and IOS travis tests, vm fails to start. 
+- Fix compile error in listen_dnsport on Android. +- Fix memory leak reported by asan in rpz SOA record query name. +- Fix unused-function warning when compiling with --enable-dnscrypt. +- Fix for #367: fix memory leak when cannot bind to listening port. +- Reformat pythonmod/pythonmod_utils.{c,h}. +- Travis enable all tests again. Clang analyzer only a couple times, + when there is a difference. homebrew updates disabled, so it does + not hang. removed trailing slashes from configure paths. Moved iOS + tests to allow-failure. +- travis, analyzer disabled on test without debug, that does not + run anway. Turn off failing tests except one. Update iOS test + to xcode image 12.2. +- Fix deprecation test to work for iOS TVOS and WatchOS, it uses + CFLAGS and CPPFLAGS and also checks if the item is unavailable. +- Travis, fix script to fail when tasks fail. +- Travis, fix warning in ubsan compile. +- Fix configure Targetconfiditionals.h header check, to use compile. +- Fix that cachedb does not produce empty object files when disabled. +- Fix #429: Also fix end of transfer for http download of auth zones. +- Disable the use of stack-protector for cross compiled 32-bit windows + builds; relates to #444. +- Fix stack-protector change to not override other CFLAGS options. +- Clean makedist.sh. +- Merge #460 from orbea: build: Link with the libtool archive. +- Fix to stop IPv6 PMTU discovery. +- Fix for #411: Depth protect for crash on deleted element timeout. +- rebuild configure to set EXTRALINK to libunbound.la for #460. +- Fix permission denied sendto log, squelch the log messages + unless high verbosity is set. +- Fix (increase) verbosity level for iterator error log in + processQueryTargets(). +- Fix that nxdomain synthesis does not happen above the stub or + forward definition. +- Fix documentation comment for files previously residing in checkconf/. +- Remove unused functions worker_handle_reply and libworker_handle_reply. 
+- Merge #466 from FGasper: Support OpenSSLs that lack + SSL_get0_alpn_selected. +- Fix #468: OpenSSL 1.0.1 can no longer build Unbound. +- Further fix for #468: detect SSL_CTX_set_alpn_protos for build with + OpenSSL 1.0.1. +- Fix that testcode dohclient has OpenSSL initialisation calls. +- Fix compiler warning for signed/unsigned comparison for + max_reuse_tcp_queries. +- Fix #481: Fix comment in configuration file. +- Fix to squelch tcp socket bind failures when the interface is gone. +- Rerun flex and bison. +- Fix for #367: only attempt to get the interface for queries that are no + longer on the tcp_waiting_list. +- Add more logging for out-of-memory cases. +- Fix #485: Unbound occasionally reports broken stats. +- Remove case fallthrough from deprecate-rsa-1024 code. +- Merge PR #487: ifdef RLIMIT_AS in recently added check. +- Fix that auth-zone zonefiles use last TTL if no TTL is specified. +- Fix #489: Compile using MSYS2 MinGW 64-bit. +- Fix for #411, #439, #469: Reset the DNS message ID when moving queries + between TCP streams. +- Refactor for uniform way to produce random DNS message IDs. +- Test code has -q option for quiet output. +- Fix #492: module-config respip missing in unbound.conf.5.in man + page. Merges #494 from he32. +- For #492: Fix font highlighting for the man page on emacs. +- Merge #496 from banburybill: Use build system endianness if + available, otherwise try to work it out. +- Fix test for zonemd-check option. +- Merge #448 from shoeper: Update unbound-control.8.in, fix + rpz_disable typo. +- Fix #425: Document auth-zone supports communication with DNS + primary on nondefault port. +- Fix unused variable warning when compiling with --enable-dnstap. +- Generated lexer and parser for #486; updated example.conf. +- Fix #413 (based on patch by k-ronny): unbound: does not compile + on macOS 11.1-x86_64 host. +- Use host_os instead of target_os in configure for Darwin8 build. 
+- Fix #500: SPEC file in version 1.13.1 references version 1.4; + unable to build RPM from source. +- Fix contrib/unbound.spec, fixed url and comment. +- Fix configure nonblocking test and onmingw test to use host. +- Merge #440 by kimheino: Various fixes to contrib/unbound_munin_ file. +- Fix a number of warnings reported by the gcc analyzer. +- Fix #495: Documentation or implementation of "verbosity" option. +- Fix #503: DNS over HTTPS response truncated. +- Fix warnings reported by the gcc analyzer. +- Add analyzer and port compile github workflow. +- Fix up permissions on rpl data file in tests. +- Fix testbound newline treatment in moment_read and tempfile write. +- Fix configure grep for reuseport default for failure. +- Fix compat ctime_r return value +- Fix configure does not require pkg-config if not needed. +- Fix unit test in the ctime_r calls for autotrust and in testbound. +- Fix auth zone download on windows to unlink before rename. +- Fix #506: Python Module Seems to Leak Memory if it Experiences an + Unhandled Exception. +- Fix Wunused-result compile warnings. +- Fix compiler warnings for #491. +- Fix clang-analysis warnings for testcode/readzone.c. +- Merge #510 from ndptech: Don't call a function which hasn't been + defined. +- Fix for #510: in depth, use ifdefs for windows api event calls. +- Fix spelling in doc/unbound.doxygen comment. +- Fix spelling in localzone.h comment. +- Fix unbound-control local_data and local_datas to print detailed + syntax errors. +- review fix to remove duplicate error printout. +- Insert header into testcode/readzone.c, it was missing. +- Fix from lint for ignored return value. +- Fix for older parsers for function call in serve expired get cached. +- Fix that ldns_zone_new_frm_fp_l counts the line number for an empty + line after a comment. +- Merge #512: unbound.service.in: upgrade hardening to latest + standards. +- Fix readzone unknown type print for memory resize. 
+- Merge #513: Stream reuse, attempt to fix #411, #439, #469. This + introduces a couple of fixes for the stream reuse functionality + that could result in broken internal structures. +- Fix #515: Compilation against openssl 3.0.0 beta2 is failing to + build unbound. +- For #515: Fix compilation with openssl 3.0.0 beta2, lib64 dir and + SSL_get_peer_certificate. +- Move acx_nlnetlabs.m4 to version 41, with lib64 openssl dir check. +- Prepare for OpenSSL 3.0.0 provider API usage, move the sldns + keyraw functions to produce EVP_PKEY results. +- Move RSA and DSA to use OpenSSL 3.0.0 API. +- Move ECDSA functions to use OpenSSL 3.0.0 API. +- iana portlist update. +- Fix verbose printout failure in tcp reuse unit test. +- Merge PR #517 from dyunwei: #420 breaks the mesh reply list + function that need to reuse the dns answer. +- Annotate assertion into error printout; we think it may be an + error, but the situation looks harmless. +- Fix sign comparison warning on FreeBSD. +- Listen to read or write events after the SSL handshake. + Sticky events on windows would stick on read when write was needed. +- Merge PR #415 from sibeream: Use + /proc/sys/net/ipv4/ip_local_port_range to determine available outgoing + ports. (New --enable-linux-ip-local-port-range configuration option) +- Bump MAX_RESTART_COUNT to 11 from 8; in relation to #438. This + allows longer CNAME chains in Unbound. +- In unit test use openssl set security level to allow keys in test. +- Fix static analysis warnings about localzone locks that are unused. +- Fix missing locks in zonemd unit test. +- Fix readzone compile under debug config. +- Fix out of sourcedir run of zonemd unit tests. +- Fix libnettle zonemd unit test. +- Fix unit test zonemd_reload for use in run_vm. +- Fix #520: Unbound 1.13.2rc1 fails to build python module. 
+ +------------------------------------------------------------------------------------- Tue May 11 21:57:51 UTC 2021 - Cristian Rodríguez - Use --disable-explicit-port-randomisation, the linux kernel diff --git a/libunbound-devel-mini.spec b/libunbound-devel-mini.spec index 77aaa25..efdc9c0 100644 --- a/libunbound-devel-mini.spec +++ b/libunbound-devel-mini.spec @@ -24,7 +24,7 @@ # Name: libunbound-devel-mini -Version: 1.13.1 +Version: 1.13.2 Release: 0 # # diff --git a/unbound-1.13.1.tar.gz b/unbound-1.13.1.tar.gz deleted file mode 100644 index f658925..0000000 --- a/unbound-1.13.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8504d97b8fc5bd897345c95d116e0ee0ddf8c8ff99590ab2b4bd13278c9f50b8 -size 5976957 diff --git a/unbound-1.13.2.tar.gz b/unbound-1.13.2.tar.gz new file mode 100644 index 0000000..55f2086 --- /dev/null +++ b/unbound-1.13.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0a13b547f3b92a026b5ebd0423f54c991e5718037fd9f72445817f6a040e1a83 +size 6127915 diff --git a/unbound.changes b/unbound.changes index c8e8ea4..a92e655 100644 --- a/unbound.changes +++ b/unbound.changes 
@@ -1,3 +1,225 @@ +------------------------------------------------------------------- +Thu Aug 12 18:02:18 UTC 2021 - Michael Ströder + +- update to 1.13.2 + +Features +- Merge PR #317: ZONEMD Zone Verification, with RFC 8976 support. + ZONEMD records are checked for zones loaded as auth-zone, + with DNSSEC if available. There is an added option + zonemd-permissive-mode that makes it log but not fail wrong zones. + With zonemd-reject-absence for an auth-zone the presence of a + zonemd can be mandated for specific zones. +- Fix: Resolve interface names on control-interface too. +- Merge #470 from edevil: Allow configuration of persistent TCP + connections. +- Fix #474: always_null and others inside view. +- Add that log-servfail prints an IP address and more information + about one of the last failures for that query. +- Merge #478: Allow configuration of TCP timeout while waiting for + response. +- Add ./configure --with-deprecate-rsa-1024 that turns off RSA 1024. +- Move the NSEC3 max iterations count in line with the 150 value + used by BIND, Knot and PowerDNS. This sets the default value + for it in the configuration to 150 for all key sizes. +- zonemd-check: yesno option, default no, enables the processing + of ZONEMD records for that zone. +- Merge #486 by fobster: Make VAL_MAX_RESTART_COUNT configurable. +- Merge PR #491: Add SVCB and HTTPS types and handling according to + draft-ietf-dnsop-svcb-https. +- Introduce 'http-user-agent:' and 'hide-http-user-agent:' options. + +Bug Fixes +- Fix for Python 3.9, no longer use deprecated functions of + PyEval_CallObject (now PyObject_Call), PyEval_InitThreads (now + none), PyParser_SimpleParseFile (now Py_CompileString). +- Merge PR #420 from dyunwei: DOH not responsing with + "http2_query_read_done failure" logged. +- Fix #422: IPv6 fallback issues when IPv6 is not properly + enabled/configured. +- Fix to make tests work with support indicators set for iterator. +- Fix build on Python 3.10. 
+- Fix doxygen and pydoc warnings. +- Fix #429: rpz: url: with https: broken (regression in 1.13.1). +- rpz skip nsec3param records, and nicer log for unsupported actions. +- Fix #431: Squelch permission denied errors for tcp connect + and udp connect from the logs, unless at high verbosity. +- Fix for zonemd, that nxdomain for the chain of trust is allowed + for island zones, it is treated as an insecure zone for verification. +- Fix for zonemd, that domain-insecure zones work without dnssec. +- Fix for zonemd, do not reject insecure result from trust anchor + validation step in dnssec chain of trust. +- On startup of unbound it checks if rlimits on memory size look + sufficient for the configured cache size, and logs warning if not. +- Fix function documentation. +- Fix unit test for added ulimit checks. +- spelling fix in header. +- Fix #384: (1) A minor request to improve the log (2) A minor bug in one + log message. +- ipsecmod: Better logging for detecting a cycle when attaching the + A/AAAA subquery. +- Merge PR #367 : DNSTAP log local address. With code from PR #365 + and fixes #368 : dnstap does not log the DNS message ID for + FORWARDER_QUERY. +- Fix to allow rpz with wildcard that applies to all TLDs at once. +- Fix for #367: rc_ports don't have ub_sock; skip cleaning up. +- Fix spurious errors about "Could not generate request: out of + memory". The mesh detect cycle routine no longer wrongly stops + the check when the calling mesh state is unique. +- Workaround for #439: prevent loops in the reuse rbtree. +- Debug output for #411 and #439: printout internal error and details. +- Fix parse of LOC RR type for decimetres. +- Fix #441: Minimal NSEC range not accepted for top level domains. +- Fix for #447: squelch connection refused tcp connection failures + from the log, unless verbosity is high. +- Merge #449 from orbea: build: Add missing linker flags. +- Comment out nonworking OSX and IOS travis tests, vm fails to start. 
+- Fix compile error in listen_dnsport on Android. +- Fix memory leak reported by asan in rpz SOA record query name. +- Fix unused-function warning when compiling with --enable-dnscrypt. +- Fix for #367: fix memory leak when cannot bind to listening port. +- Reformat pythonmod/pythonmod_utils.{c,h}. +- Travis enable all tests again. Clang analyzer only a couple times, + when there is a difference. homebrew updates disabled, so it does + not hang. removed trailing slashes from configure paths. Moved iOS + tests to allow-failure. +- travis, analyzer disabled on test without debug, that does not + run anway. Turn off failing tests except one. Update iOS test + to xcode image 12.2. +- Fix deprecation test to work for iOS TVOS and WatchOS, it uses + CFLAGS and CPPFLAGS and also checks if the item is unavailable. +- Travis, fix script to fail when tasks fail. +- Travis, fix warning in ubsan compile. +- Fix configure Targetconfiditionals.h header check, to use compile. +- Fix that cachedb does not produce empty object files when disabled. +- Fix #429: Also fix end of transfer for http download of auth zones. +- Disable the use of stack-protector for cross compiled 32-bit windows + builds; relates to #444. +- Fix stack-protector change to not override other CFLAGS options. +- Clean makedist.sh. +- Merge #460 from orbea: build: Link with the libtool archive. +- Fix to stop IPv6 PMTU discovery. +- Fix for #411: Depth protect for crash on deleted element timeout. +- rebuild configure to set EXTRALINK to libunbound.la for #460. +- Fix permission denied sendto log, squelch the log messages + unless high verbosity is set. +- Fix (increase) verbosity level for iterator error log in + processQueryTargets(). +- Fix that nxdomain synthesis does not happen above the stub or + forward definition. +- Fix documentation comment for files previously residing in checkconf/. +- Remove unused functions worker_handle_reply and libworker_handle_reply. 
+- Merge #466 from FGasper: Support OpenSSLs that lack + SSL_get0_alpn_selected. +- Fix #468: OpenSSL 1.0.1 can no longer build Unbound. +- Further fix for #468: detect SSL_CTX_set_alpn_protos for build with + OpenSSL 1.0.1. +- Fix that testcode dohclient has OpenSSL initialisation calls. +- Fix compiler warning for signed/unsigned comparison for + max_reuse_tcp_queries. +- Fix #481: Fix comment in configuration file. +- Fix to squelch tcp socket bind failures when the interface is gone. +- Rerun flex and bison. +- Fix for #367: only attempt to get the interface for queries that are no + longer on the tcp_waiting_list. +- Add more logging for out-of-memory cases. +- Fix #485: Unbound occasionally reports broken stats. +- Remove case fallthrough from deprecate-rsa-1024 code. +- Merge PR #487: ifdef RLIMIT_AS in recently added check. +- Fix that auth-zone zonefiles use last TTL if no TTL is specified. +- Fix #489: Compile using MSYS2 MinGW 64-bit. +- Fix for #411, #439, #469: Reset the DNS message ID when moving queries + between TCP streams. +- Refactor for uniform way to produce random DNS message IDs. +- Test code has -q option for quiet output. +- Fix #492: module-config respip missing in unbound.conf.5.in man + page. Merges #494 from he32. +- For #492: Fix font highlighting for the man page on emacs. +- Merge #496 from banburybill: Use build system endianness if + available, otherwise try to work it out. +- Fix test for zonemd-check option. +- Merge #448 from shoeper: Update unbound-control.8.in, fix + rpz_disable typo. +- Fix #425: Document auth-zone supports communication with DNS + primary on nondefault port. +- Fix unused variable warning when compiling with --enable-dnstap. +- Generated lexer and parser for #486; updated example.conf. +- Fix #413 (based on patch by k-ronny): unbound: does not compile + on macOS 11.1-x86_64 host. +- Use host_os instead of target_os in configure for Darwin8 build. 
+- Fix #500: SPEC file in version 1.13.1 references version 1.4; + unable to build RPM from source. +- Fix contrib/unbound.spec, fixed url and comment. +- Fix configure nonblocking test and onmingw test to use host. +- Merge #440 by kimheino: Various fixes to contrib/unbound_munin_ file. +- Fix a number of warnings reported by the gcc analyzer. +- Fix #495: Documentation or implementation of "verbosity" option. +- Fix #503: DNS over HTTPS response truncated. +- Fix warnings reported by the gcc analyzer. +- Add analyzer and port compile github workflow. +- Fix up permissions on rpl data file in tests. +- Fix testbound newline treatment in moment_read and tempfile write. +- Fix configure grep for reuseport default for failure. +- Fix compat ctime_r return value +- Fix configure does not require pkg-config if not needed. +- Fix unit test in the ctime_r calls for autotrust and in testbound. +- Fix auth zone download on windows to unlink before rename. +- Fix #506: Python Module Seems to Leak Memory if it Experiences an + Unhandled Exception. +- Fix Wunused-result compile warnings. +- Fix compiler warnings for #491. +- Fix clang-analysis warnings for testcode/readzone.c. +- Merge #510 from ndptech: Don't call a function which hasn't been + defined. +- Fix for #510: in depth, use ifdefs for windows api event calls. +- Fix spelling in doc/unbound.doxygen comment. +- Fix spelling in localzone.h comment. +- Fix unbound-control local_data and local_datas to print detailed + syntax errors. +- review fix to remove duplicate error printout. +- Insert header into testcode/readzone.c, it was missing. +- Fix from lint for ignored return value. +- Fix for older parsers for function call in serve expired get cached. +- Fix that ldns_zone_new_frm_fp_l counts the line number for an empty + line after a comment. +- Merge #512: unbound.service.in: upgrade hardening to latest + standards. +- Fix readzone unknown type print for memory resize. 
+- Merge #513: Stream reuse, attempt to fix #411, #439, #469. This + introduces a couple of fixes for the stream reuse functionality + that could result in broken internal structures. +- Fix #515: Compilation against openssl 3.0.0 beta2 is failing to + build unbound. +- For #515: Fix compilation with openssl 3.0.0 beta2, lib64 dir and + SSL_get_peer_certificate. +- Move acx_nlnetlabs.m4 to version 41, with lib64 openssl dir check. +- Prepare for OpenSSL 3.0.0 provider API usage, move the sldns + keyraw functions to produce EVP_PKEY results. +- Move RSA and DSA to use OpenSSL 3.0.0 API. +- Move ECDSA functions to use OpenSSL 3.0.0 API. +- iana portlist update. +- Fix verbose printout failure in tcp reuse unit test. +- Merge PR #517 from dyunwei: #420 breaks the mesh reply list + function that need to reuse the dns answer. +- Annotate assertion into error printout; we think it may be an + error, but the situation looks harmless. +- Fix sign comparison warning on FreeBSD. +- Listen to read or write events after the SSL handshake. + Sticky events on windows would stick on read when write was needed. +- Merge PR #415 from sibeream: Use + /proc/sys/net/ipv4/ip_local_port_range to determine available outgoing + ports. (New --enable-linux-ip-local-port-range configuration option) +- Bump MAX_RESTART_COUNT to 11 from 8; in relation to #438. This + allows longer CNAME chains in Unbound. +- In unit test use openssl set security level to allow keys in test. +- Fix static analysis warnings about localzone locks that are unused. +- Fix missing locks in zonemd unit test. +- Fix readzone compile under debug config. +- Fix out of sourcedir run of zonemd unit tests. +- Fix libnettle zonemd unit test. +- Fix unit test zonemd_reload for use in run_vm. +- Fix #520: Unbound 1.13.2rc1 fails to build python module. + ------------------------------------------------------------------- Sun May 30 19:28:48 UTC 2021 - Togan Muftuoglu 
diff --git a/unbound.spec b/unbound.spec index de36c20..502602a 100644 --- a/unbound.spec +++ b/unbound.spec @@ -36,7 +36,7 @@ %define piddir /run Name: unbound -Version: 1.13.1 +Version: 1.13.2 Release: 0 # #
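Review bot: The separator added after the last 1.13.2 bullet in libunbound-devel-mini.changes (the line following "Fix #520: Unbound 1.13.2rc1 fails to build python module.") is longer than the dash line at the top of that hunk and than the separator added at the same position in unbound.changes. Use the same fixed-width dash line there, so that the Tue May 11 entry is still delimited the same way as every other entry and the two .changes files stay identical in format.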
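Review bot: Nothing in this patch lets a reviewer tie the new unbound-1.13.2.tar.gz to upstream's release: the hunk swaps only the git-lfs pointer (oid sha256 and size), and no detached signature or keyring file changes alongside it. Please confirm the new oid against the checksum and signature that upstream publishes for 1.13.2 and say so in the submission; if the package does not already carry the upstream signature as a source, this update is a good point to add it.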
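Review bot: The behaviour changes in the 1.13.2 entry of unbound.changes are buried in a full paste of the upstream list, between Travis, doxygen and compiler-warning fixes. The items an operator needs to see are the NSEC3 max iterations default moving to 150 for all key sizes, MAX_RESTART_COUNT going from 8 to 11, and the new zonemd-check (default no), zonemd-reject-absence and zonemd-permissive-mode options for auth-zones. Consider a short summary at the top of the entry that calls these out. The pasted text also carries typos ("responsing", "anway", "Targetconfiditionals.h") that could be corrected in the same pass, in both .changes files.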
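Review bot: It is not stated whether the new build switches listed in this release's changelog (./configure --with-deprecate-rsa-1024 and --enable-linux-ip-local-port-range) are deliberately left at their defaults; the unbound.spec and libunbound-devel-mini.spec hunks touch only the Version line. Please record the decision in the changelog entry. The same applies to "Merge #512: unbound.service.in: upgrade hardening to latest standards": if the package ships its own unit file rather than the one generated from upstream's unbound.service.in, check whether it should pick up the same hardening.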