diff --git a/CHANGES b/CHANGES
index 56288489a6..9c9e5169aa 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,19 @@
 
+2.5-565 | 2018-05-08 15:29:53 -0500
+
+  * BIT-1926: add unit tests for misc. HTTP patches (Corelight)
+
+  * Fix case insensitive HTTP/MIME header name comparisons
+    (Jeffrey Bencteux)
+
+  * Don't use chunked mode Transfer-Encoding with HTTP/1.0 (Jeffrey Bencteux)
+
+  * Fix handling of HTTP body length when Content-Range length differs
+    from Content-Length. (Jeffrey Bencteux)
+
+  * Decode 'x-gzip' HTTP Content-Encoding the same as 'gzip'
+    (Jeffrey Bencteux)
+
 2.5-559 | 2018-05-08 11:23:28 -0700
 
   * Add test for dump_current_packet bif. (Johanna Amann)
diff --git a/VERSION b/VERSION
index a04526640f..05811b62f0 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.5-559
+2.5-565
diff --git a/testing/btest/Baseline/scripts.base.protocols.http.content-range-less-than-len/http.log b/testing/btest/Baseline/scripts.base.protocols.http.content-range-less-than-len/http.log
new file mode 100644
index 0000000000..5ff9ffc319
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.http.content-range-less-than-len/http.log
@@ -0,0 +1,10 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	http
+#open	2018-05-08-20-04-16
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	trans_depth	method	host	uri	referrer	version	user_agent	request_body_len	response_body_len	status_code	status_msg	info_code	info_msg	tags	username	password	proxied	orig_fuids	orig_filenames	orig_mime_types	resp_fuids	resp_filenames	resp_mime_types
+#types	time	string	addr	port	addr	port	count	string	string	string	string	string	string	count	count	count	string	count	string	set[enum]	string	string	set[string]	vector[string]	vector[string]	vector[string]	vector[string]	vector[string]	vector[string]
+1523627611.747988	CHhAvVGS1DHFjwGM9	127.0.0.1	58128	127.0.0.1	80	1	GET	localhost	/	-	1.1	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0	0	33	206	ok	-	-	(empty)	-	-	-	-	-	-	FE5OS23mJkGTBhF8ig	-	text/plain
+#close	2018-05-08-20-04-17
diff --git a/testing/btest/Baseline/scripts.base.protocols.http.content-range-less-than-len/weird.log b/testing/btest/Baseline/scripts.base.protocols.http.content-range-less-than-len/weird.log
new file mode 100644
index 0000000000..7cd09fb789
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.http.content-range-less-than-len/weird.log
@@ -0,0 +1,10 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	weird
+#open	2018-05-08-20-04-16
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	name	addl	notice	peer
+#types	time	string	addr	port	addr	port	string	string	bool	string
+1523627611.748118	CHhAvVGS1DHFjwGM9	127.0.0.1	58128	127.0.0.1	80	HTTP_range_not_matching_len	-	F	bro
+#close	2018-05-08-20-04-17
diff --git a/testing/btest/Baseline/scripts.base.protocols.http.fake-content-length/http.log b/testing/btest/Baseline/scripts.base.protocols.http.fake-content-length/http.log
new file mode 100644
index 0000000000..aa9c61af96
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.http.fake-content-length/http.log
@@ -0,0 +1,10 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	http
+#open	2018-05-08-20-10-35
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	trans_depth	method	host	uri	referrer	version	user_agent	request_body_len	response_body_len	status_code	status_msg	info_code	info_msg	tags	username	password	proxied	orig_fuids	orig_filenames	orig_mime_types	resp_fuids	resp_filenames	resp_mime_types
+#types	time	string	addr	port	addr	port	count	string	string	string	string	string	string	count	count	count	string	count	string	set[enum]	string	string	set[string]	vector[string]	vector[string]	vector[string]	vector[string]	vector[string]	vector[string]
+1523631796.315381	CHhAvVGS1DHFjwGM9	127.0.0.1	58176	127.0.0.1	80	1	GET	localhost	/	-	1.1	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0	0	14	200	ok	-	-	(empty)	-	-	-	-	-	-	FCcRXl1oyxVr6ipJA8	-	text/plain
+#close	2018-05-08-20-10-35
diff --git a/testing/btest/Baseline/scripts.base.protocols.http.x-gzip/http.log b/testing/btest/Baseline/scripts.base.protocols.http.x-gzip/http.log
new file mode 100644
index 0000000000..c90eb3315a
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.http.x-gzip/http.log
@@ -0,0 +1,10 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	http
+#open	2018-05-08-19-59-11
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	trans_depth	method	host	uri	referrer	version	user_agent	request_body_len	response_body_len	status_code	status_msg	info_code	info_msg	tags	username	password	proxied	orig_fuids	orig_filenames	orig_mime_types	resp_fuids	resp_filenames	resp_mime_types
+#types	time	string	addr	port	addr	port	count	string	string	string	string	string	string	count	count	count	string	count	string	set[enum]	string	string	set[string]	vector[string]	vector[string]	vector[string]	vector[string]	vector[string]	vector[string]
+1473086764.095192	CHhAvVGS1DHFjwGM9	127.0.0.1	54890	127.0.0.1	80	1	GET	localhost	/	-	1.1	Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0 Iceweasel/38.6.0	0	19	200	ok	-	-	(empty)	-	-	-	-	-	-	FLWf9w4QphGhQ5XQRa	-	text/plain
+#close	2018-05-08-19-59-11
diff --git a/testing/btest/Traces/http/content-range-less-than-len.pcap b/testing/btest/Traces/http/content-range-less-than-len.pcap
new file mode 100755
index 0000000000..53ca520e83
Binary files /dev/null and b/testing/btest/Traces/http/content-range-less-than-len.pcap differ
diff --git a/testing/btest/Traces/http/fake-content-length.pcap b/testing/btest/Traces/http/fake-content-length.pcap
new file mode 100755
index 0000000000..fc1ac91c1c
Binary files /dev/null and b/testing/btest/Traces/http/fake-content-length.pcap differ
diff --git a/testing/btest/Traces/http/x-gzip.pcap b/testing/btest/Traces/http/x-gzip.pcap
new file mode 100755
index 0000000000..7c89026cc5
Binary files /dev/null and b/testing/btest/Traces/http/x-gzip.pcap differ
diff --git a/testing/btest/scripts/base/protocols/http/content-range-less-than-len.bro b/testing/btest/scripts/base/protocols/http/content-range-less-than-len.bro
new file mode 100644
index 0000000000..c95816b29f
--- /dev/null
+++ b/testing/btest/scripts/base/protocols/http/content-range-less-than-len.bro
@@ -0,0 +1,3 @@
+# @TEST-EXEC: bro -r $TRACES/http/content-range-less-than-len.pcap
+# @TEST-EXEC: btest-diff http.log
+# @TEST-EXEC: btest-diff weird.log
diff --git a/testing/btest/scripts/base/protocols/http/fake-content-length.bro b/testing/btest/scripts/base/protocols/http/fake-content-length.bro
new file mode 100644
index 0000000000..5993b18ed1
--- /dev/null
+++ b/testing/btest/scripts/base/protocols/http/fake-content-length.bro
@@ -0,0 +1,2 @@
+# @TEST-EXEC: bro -r $TRACES/http/fake-content-length.pcap
+# @TEST-EXEC: btest-diff http.log
diff --git a/testing/btest/scripts/base/protocols/http/x-gzip.bro b/testing/btest/scripts/base/protocols/http/x-gzip.bro
new file mode 100644
index 0000000000..a73fc5f71f
--- /dev/null
+++ b/testing/btest/scripts/base/protocols/http/x-gzip.bro
@@ -0,0 +1,2 @@
+# @TEST-EXEC: bro -r $TRACES/http/x-gzip.pcap
+# @TEST-EXEC: btest-diff http.log