diff --git a/nsd-4.1.10.tar.gz b/nsd-4.1.10.tar.gz
deleted file mode 100644
index 77763e7..0000000
--- a/nsd-4.1.10.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:3a757014046752a0b0b11c1a2e22a36bb796f89f6939147ed3226556b4298727
-size 1075892
diff --git a/nsd-4.1.10.tar.gz.asc b/nsd-4.1.10.tar.gz.asc
deleted file mode 100644
index 6fdc39d..0000000
--- a/nsd-4.1.10.tar.gz.asc
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQIcBAABAgAGBQJXX/YJAAoJEJ9vHC1+BF+N4FsP/1P5FHe23x2USPNSgjRMfb+G
-dPr8xkngUzZ5NPAH3LjQmPODV5FyWDCCRPB0LQzjiDZm4rVq1z+o4oGxjOxfWBwl
-KZwWhxyoIfLBs3/Sz3PZ+jaOFWrIuYyOXeBXHc8vH6jfpvBd/ZtmMz3m9rK1M4WE
-TAHY9Y8R10AJbSLD9A+DGcrN87zT8z5s9DnI2utgTRS+0VJNr5daXVLI9IqAYRx1
-pe1sZs+1tLtu/KFW6ytkCuHoAuGnN0Y8eBYxde7kMGy0fDiRSk3Hwr3hDIsq83nR
-LgWNCofTq7GKLzag/4ULDzkctkOwAjGvvID3/rBBp0nZFex4uJ2p7XVqgVNNPIbh
-EXGDpz6K6M3QEqeetW8/9MJ1vAunTzqRp1phqY2+CYrSRKzSPKsl5Zi/gK4i74q4
-cg7KBiJAtm6x/Encf7WHIS0fuuKg0++cz0Jo+EEUmja0QJhFeI1ncIDF+7KEP9lN
-M0E6p59u6xr1h46teOC5n5HGmmt1TkEW4MSr0WvvBDJHC7rogLYrESwwcw/jGAin
-ZCMzPuKosE9hLEbWgSgy/IyfXSaU3JvgUN/J4HIRZt0h3okPnrS2McwdYx5sjRqr
-hkahA2tYGVinNj7n5HHYio6rUQirR7YrpaBqkiNmaW/PU0klYvV1cUQKl+vAL7s3
-xjrIAUNsLb24cSJbjGGf
-=E4/n
------END PGP SIGNATURE-----
diff --git a/nsd-4.1.13.tar.gz b/nsd-4.1.13.tar.gz
new file mode 100644
index 0000000..fe4b810
--- /dev/null
+++ b/nsd-4.1.13.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c45cd4ba2101a027e133b2be44db9378e27602e05f09a5ef25019e1ae45291af
+size 1085701
diff --git a/nsd-4.1.13.tar.gz.asc b/nsd-4.1.13.tar.gz.asc
new file mode 100644
index 0000000..6e71114
--- /dev/null
+++ b/nsd-4.1.13.tar.gz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABAgAGBQJX6ieOAAoJEJ9vHC1+BF+N0fwQALDKHw6BmJ4NcPSoPDIurzEC
+4y3oOdUMXZN1/0qw7UUh3/0y4eQkmRd6MRqlkU9DdJAaZGFy119GVj5b5aaxG/hT
+Qs3wgh6F5KCJyL64+EYAwtvViLRzFCM5QCpWCOPZUjvCEhj3C1wLNjEodmBX76iR
+L5kcbW1RwBUgyVv+H1DS92vsB3gNz27vncw+7ZxDKflr0KxYjR6Xw8lGBFmZb/O+
+uaVWvFRhQzw5dvC5ldorb9mKpPekAuFACaH0X+3SUFHRTagzBSnMCg8bBKqLz+nX
+KgA7D4DOKYFMWN/g+wlsf14LDmhbxfNnAHg6gyrG9CjkP8T0VPdDreIDlZSfC6v3
+4zq5Fau6cDCvat65OhCHMSenRI0rpryAXeKA3+2NnCQFaqg8kvq/UdZDq6HT/+bM
+TTnGuJp8qoOu0piuTI1IHiHqfwY0jSIwQWUn5ofesWNjn5TDGIEx1NQ6ROsr03tx
+lJnW02h7A8OO8oREvgv1u5XX1IbUPTwyyf0STspxCTQxUKkVSjXa6pmEjhnZiAIB
+qZIX7YhAlSO3XS5BI701cPvRbc+Y71VayN8ZBhtUFx7rrjU9ZSTFTx4UuQ8xEP37
++Lob8QtPFZeI6lsCmTCZ//ILMgbyQsbgsSz/4bcnJB9CA21sPTSpEGJMeyOpWVsL
+lHotrAEv8pqgPeWFXObg
+=goPn
+-----END PGP SIGNATURE-----
diff --git a/nsd-rpmlintrc b/nsd-rpmlintrc
new file mode 100644
index 0000000..62abb8b
--- /dev/null
+++ b/nsd-rpmlintrc
@@ -0,0 +1,22 @@
+# failed check. chroot immediately follows chdir
+addFilter("W: missing-call-to-chdir-with-chroot /usr/sbin/nsd")
+
+# We create our group/user
+addFilter("W: non-standard-uid /var/lib/nsd/nsd.db nsd")
+addFilter("W: non-standard-uid /var/log/nsd nsd")
+addFilter("W: non-standard-uid /var/log/nsd/nsd.log nsd")
+addFilter("W: non-standard-uid /var/lib/nsd/xfrd.state nsd")
+addFilter("W: non-standard-uid /var/lib/nsd nsd")
+addFilter("W: non-standard-uid /var/lib/nsd/ixfr.db nsd")
+addFilter("W: non-standard-gid /var/lib/nsd/nsd.db nsd")
+addFilter("W: non-standard-gid /var/log/nsd nsd")
+addFilter("W: non-standard-gid /etc/nsd nsd")
+addFilter("W: non-standard-gid /var/log/nsd/nsd.log nsd")
+addFilter("W: non-standard-gid /etc/nsd/nsd.conf.sample nsd")
+addFilter("W: non-standard-gid /etc/nsd/nsd.conf nsd")
+addFilter("W: non-standard-gid /var/lib/nsd/xfrd.state nsd")
+addFilter("W: non-standard-gid /var/lib/nsd nsd")
+addFilter("W: non-standard-gid /var/lib/nsd/ixfr.db nsd")
+
+addFilter("W: non-standard-gid /run/nsd nsd")
+addFilter("W: non-standard-uid /run/nsd nsd")
diff --git a/nsd.changes b/nsd.changes
index fc20aa2..e188787 100644
--- a/nsd.changes
+++ b/nsd.changes
@@ -1,3 +1,47 @@
+-------------------------------------------------------------------
+Tue Oct 11 11:36:47 UTC 2016 - adam.majer@suse.de
+
+- fix tmpfiles-nsd.conf to point to /run instead of /var/run
+- add nsd-rpmlintrc to not display some bogus errors
+- put log files into /var/log/nsd/
+- put sample config in documentation directory
+- update to 4.1.13
+  - FEATURES
+    - multi-master-check: yes can be used to check all masters for
+      the last version, using the higher version from the
+      configured masters
+    - Support RR type OPENPGPKEY from RFC 7929.
+    - Can config key algorithms with the digest name, eg. 'sha256'.
+    - configure --disable-radix-tree for about 15% lower memory
+      usage.
+    - for type SRV add A/AAAA to the additional section (if
+      possible), just like we already do for type MX.
+    - more extensible edns option handling.
+    - When tcp is more than half full, use short timeout for tcp
+      session.
+    - Patch for {max,min}-{refresh,retry}-time
+    - Fix #790: size-limit-xfr can stop NSD from downloading
+      infinite zone transfer data size, from Toshifumi Sakaguchi.
+      Fixes CVE-2016-6173f
+
+  - BUGFIXES
+    - Fix compile warnings about unused result from write and
+      strtol. and signcompare in minmax retrytime.
+    - Fix #812: fix that make depend fails after distribution.
+    - Fix #817: xfrd update failed loop.
+    - Add robustness against unallocated data in nsec3 trees.
+    - Fix README spelling error of BSD license
+    - Fix multimaster for not tried full zone transfer for a
+      expired zone.
+    - Fix #827: fix compile with openssl 1.1.0 with api=1.1.0.
+    - Fix malformed edns query assertion failure
+    - Fix build without IPv6, patch from Zdenek Kaspar.
+    - Fix #783: Trying to run a root server without having
+      configured it silently gives wrong answers.
+    - Fix #782: Serve DS record but parent zone has no NS record.
+    - Fix nsec3 missing for nsec3 signed parent and child for DS at
+      zonecut.
+
 -------------------------------------------------------------------
 Mon Aug  8 13:10:49 UTC 2016 - adam.majer@suse.de
 
diff --git a/nsd.spec b/nsd.spec
index 3d4da61..f93cb10 100644
--- a/nsd.spec
+++ b/nsd.spec
@@ -20,7 +20,7 @@
 %{!?_tmpfilesdir:%global _tmpfilesdir /usr/lib/tmpfiles.d}
 
 Name:           nsd
-Version:        4.1.10
+Version:        4.1.13
 Release:        0
 #
 License:        BSD-3-Clause
@@ -71,7 +71,7 @@ export LDFLAGS="${LDFLAGS} -pie -Wl,-z,relro,-z,now"
     --with-dbfile=%{home}/nsd.db       \
     --with-xfrdfile=%{home}/xfrd.state \
     --with-pidfile=%{pidfile}          \
-    --with-logfile=/var/log/nsd.log    \
+    --with-logfile=/var/log/nsd/nsd.log \
     --enable-root-server               \
     --enable-bind8-stats               \
     --enable-zone-stats                \
@@ -86,24 +86,21 @@ mv -f doc/CREDITS.utf8 doc/CREDITS
 
 %install
 make install DESTDIR="%{buildroot}"
-for i in %{buildroot}%{configdir}/*.sample ; do
-    cp -v $i ${i%%.sample}
-done
-
+cp -v %{buildroot}%{configdir}/nsd.conf.sample %{buildroot}%{configdir}/nsd.conf
 chmod -Rv o= %{buildroot}%{configdir}/
 #
 install -d -m 0700 %{buildroot}%{home}            \
                    %{buildroot}%{_rundir}/%{name}
 #
-install -d -m 0755 %{buildroot}/var/log/
-touch %{buildroot}%{home}/{nsd.db,ixfr.db,xfrd.state} %{buildroot}/var/log/nsd.log
+install -d -m 0755 %{buildroot}/var/log/nsd/
+touch %{buildroot}%{home}/{nsd.db,ixfr.db,xfrd.state} %{buildroot}/var/log/nsd/nsd.log
 
 %if %{with systemd}
 install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/nsd.service
 install -D -m 0644 %{SOURCE2} %{buildroot}%{_tmpfilesdir}/nsd.conf
 ln -s -f /usr/sbin/service    %{buildroot}%{_sbindir}/rc%{name}
 %else
-install -D -m 0755 %{S:3}              %{buildroot}%{_sysconfdir}/init.d/%{name}
+install -D -m 0755 %{S:3}     %{buildroot}%{_sysconfdir}/init.d/%{name}
 ln -s -f %{_sysconfdir}/init.d/%{name} %{buildroot}%{_sbindir}/rc%{name}
 %endif
 
@@ -114,19 +111,19 @@ ln -s -f %{_sysconfdir}/init.d/%{name} %{buildroot}%{_sbindir}/rc%{name}
 %{_sbindir}/groupadd -r %{name} &>/dev/null ||:
 %{_sbindir}/useradd  -g %{name} -s /bin/false -r -c "user for %{name}" -d %{home} %{name} &>/dev/null ||:
 %if %{with systemd}
-%service_add_pre    %{name}.service
+%service_add_pre %{name}.service
 %endif
 
 %post
 %fillup_only %{name}
 %if %{with systemd}
 systemd-tmpfiles --create  %{_tmpfilesdir}/%{name}.conf || :
-%service_add_post   %{name}.service
+%service_add_post %{name}.service
 %endif
 
 %preun
 %if %{with systemd}
-%service_del_preun  %{name}.service
+%service_del_preun %{name}.service
 %else
 %stop_on_removal %{name}
 %endif
@@ -142,6 +139,8 @@ systemd-tmpfiles --create  %{_tmpfilesdir}/%{name}.conf || :
 %files
 %defattr(-,root,root)
 %doc doc/*
+%{configdir}/nsd.conf.sample
+%config
 %doc contrib/
 %if %{with systemd}
 %{_unitdir}/nsd.service
@@ -169,7 +168,9 @@ systemd-tmpfiles --create  %{_tmpfilesdir}/%{name}.conf || :
 %ghost %config %attr(640,%{name},%{name}) %{home}/ixfr.db
 %ghost %config %attr(640,%{name},%{name}) %{home}/xfrd.state
 #
-%ghost %attr(640,%{name},%{name}) /var/log/nsd.log
-#
+%dir   %attr(750,%{name},%{name}) /var/log/nsd
+%ghost %attr(640,%{name},%{name}) /var/log/nsd/nsd.log
+%ghost %attr(750,%{name},%{name}) %{_rundir}/%{name}
+
 
 %changelog
diff --git a/tmpfiles-nsd.conf b/tmpfiles-nsd.conf
index 09fc696..9830f91 100644
--- a/tmpfiles-nsd.conf
+++ b/tmpfiles-nsd.conf
@@ -1 +1 @@
-D /var/run/nsd 0755 nsd nsd -
+D /run/nsd 0755 nsd nsd -