diff --git a/CHANGES b/CHANGES index 13f90e9180..4172e64bef 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,10 @@ +2.5-969 | 2018-09-05 15:11:48 -0500 + + * BIT-1208: remove unused weirds from Weird::actions table (Jon Siwek, Corelight) + + * BIT-1779: use BRO_LOG_SUFFIX env var in ascii log rotation function (Jon Siwek, Corelight) + 2.5-967 | 2018-09-05 19:30:48 +0000 * Fix printf format specification for reporting packet stats. (Robin Sommer, Corelight) diff --git a/VERSION b/VERSION index 699637b8cc..bf41829601 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.5-967 +2.5-969 diff --git a/aux/bifcl b/aux/bifcl index b0ba021208..2c106da5c5 160000 --- a/aux/bifcl +++ b/aux/bifcl @@ -1 +1 @@ -Subproject commit b0ba021208c0c5fe8d7c92412b919d6667f63961 +Subproject commit 2c106da5c56f0c864f9894dff21bd6557ef219eb diff --git a/aux/binpac b/aux/binpac index ff8c94964f..090d2614a6 160000 --- a/aux/binpac +++ b/aux/binpac @@ -1 +1 @@ -Subproject commit ff8c94964fccbf60abae401d03c9fb35a8894c16 +Subproject commit 090d2614a6dfd2a354cb36f890f9d52557300c74 diff --git a/aux/bro-aux b/aux/bro-aux index 9866d31e45..2c37ea379b 160000 --- a/aux/bro-aux +++ b/aux/bro-aux @@ -1 +1 @@ -Subproject commit 9866d31e45f5e1467c0f1fd4a1cd9948b067ce43 +Subproject commit 2c37ea379bc25dd4b4fd38ee2bb40068e5418a2b diff --git a/aux/broccoli b/aux/broccoli index 1898e81bba..9e6290ee3f 160000 --- a/aux/broccoli +++ b/aux/broccoli @@ -1 +1 @@ -Subproject commit 1898e81bba7c595108bc20c5148df7f0f6a2258f +Subproject commit 9e6290ee3f398141d90995bb766163218e9076a8 diff --git a/aux/broctl b/aux/broctl index a88cb3434e..9455886e95 160000 --- a/aux/broctl +++ b/aux/broctl @@ -1 +1 @@ -Subproject commit a88cb3434e05dbb117687f6152acc8892ed969ca +Subproject commit 9455886e959b5d9ddeccc86ae5428706e2424237 diff --git a/aux/broker b/aux/broker index a3e188680c..96c574a9de 160000 --- a/aux/broker +++ b/aux/broker 
@@ -1 +1 @@
-Subproject commit a3e188680cd2889edbb9cf09c01fb1f031a90975
+Subproject commit 96c574a9de7709d73715a91368a5ef52de1af6ef
diff --git a/scripts/base/frameworks/notice/weird.bro b/scripts/base/frameworks/notice/weird.bro
index 9481723e3f..c6f3748a46 100644
--- a/scripts/base/frameworks/notice/weird.bro
+++ b/scripts/base/frameworks/notice/weird.bro
@@ -107,14 +107,9 @@ export {
 ["base64_illegal_encoding"] = ACTION_LOG,
 ["connection_originator_SYN_ack"] = ACTION_LOG_PER_ORIG,
 ["contentline_size_exceeded"] = ACTION_LOG,
- ["corrupt_tcp_options"] = ACTION_LOG_PER_ORIG,
 ["crud_trailing_HTTP_request"] = ACTION_LOG,
 ["data_after_reset"] = ACTION_LOG,
 ["data_before_established"] = ACTION_LOG,
- ["data_without_SYN_ACK"] = ACTION_LOG,
- ["DHCP_no_type_option"] = ACTION_LOG,
- ["DHCP_wrong_msg_type"] = ACTION_LOG,
- ["DHCP_wrong_op_type"] = ACTION_LOG,
 ["DNS_AAAA_neg_length"] = ACTION_LOG,
 ["DNS_Conn_count_too_large"] = ACTION_LOG,
 ["DNS_NAME_too_long"] = ACTION_LOG,
@@ -129,18 +124,15 @@ export {
 ["DNS_truncated_ans_too_short"] = ACTION_LOG,
 ["DNS_truncated_len_lt_hdr_len"] = ACTION_LOG,
 ["DNS_truncated_quest_too_short"] = ACTION_LOG,
- ["dns_changed_number_of_responses"] = ACTION_LOG_PER_ORIG,
- ["dns_reply_seen_after_done"] = ACTION_LOG_PER_ORIG,
 ["excessive_data_without_further_acks"] = ACTION_LOG,
 ["excess_RPC"] = ACTION_LOG_PER_ORIG,
- ["excessive_RPC_len"] = ACTION_LOG_PER_ORIG,
 ["FIN_advanced_last_seq"] = ACTION_LOG,
 ["FIN_after_reset"] = ACTION_IGNORE,
 ["FIN_storm"] = ACTION_NOTICE_PER_ORIG,
 ["HTTP_bad_chunk_size"] = ACTION_LOG,
 ["HTTP_chunked_transfer_for_multipart_message"] = ACTION_LOG,
 ["HTTP_overlapping_messages"] = ACTION_LOG,
- ["HTTP_unknown_method"] = ACTION_LOG,
+ ["unknown_HTTP_method"] = ACTION_LOG,
 ["HTTP_version_mismatch"] = ACTION_LOG,
 ["ident_request_addendum"] = ACTION_LOG,
 ["inappropriate_FIN"] = ACTION_LOG,
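Review bot: The renamed key `["unknown_HTTP_method"] = ACTION_LOG,` in the second weird.bro hunk stays between `HTTP_overlapping_messages` and `HTTP_version_mismatch`, while the rest of the table appears to be ordered by name; moving it beside the other `u…` entries would keep the table easy to audit. The CHANGES entry mentions only removed weirds, so the key rename is easy to miss, and a local policy that keys on `HTTP_unknown_method` would presumably no longer line up with the shipped entry; a line such as `* rename HTTP_unknown_method to unknown_HTTP_method in Weird::actions` would record it. The `export` block begins and ends outside the hunk, so the action applied to names absent from the table is not visible here. It is worth confirming that none of the names removed in this and the other two weird.bro hunks can still be raised, since they would then be handled by that default instead of their former `ACTION_LOG*` setting.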
@@ -174,17 +166,13 @@ export {
 ["line_terminated_with_single_LF"] = ACTION_LOG,
 ["malformed_ssh_identification"] = ACTION_LOG,
 ["malformed_ssh_version"] = ACTION_LOG,
- ["matching_undelivered_data"] = ACTION_LOG,
 ["multiple_HTTP_request_elements"] = ACTION_LOG,
- ["multiple_RPCs"] = ACTION_LOG_PER_ORIG,
- ["non_IPv4_packet"] = ACTION_LOG_ONCE,
 ["NUL_in_line"] = ACTION_LOG,
 ["originator_RPC_reply"] = ACTION_LOG_PER_ORIG,
 ["partial_finger_request"] = ACTION_LOG,
 ["partial_ftp_request"] = ACTION_LOG,
 ["partial_ident_request"] = ACTION_LOG,
 ["partial_RPC"] = ACTION_LOG_PER_ORIG,
- ["partial_RPC_request"] = ACTION_LOG,
 ["pending_data_when_closed"] = ACTION_LOG,
 ["pop3_bad_base64_encoding"] = ACTION_LOG,
 ["pop3_client_command_unknown"] = ACTION_LOG,
diff --git a/src/3rdparty b/src/3rdparty
index 7c95b51de2..bfbdec713e 160000
--- a/src/3rdparty
+++ b/src/3rdparty
@@ -1 +1 @@
-Subproject commit 7c95b51de202ac534b27dd721da5778b773dd614
+Subproject commit bfbdec713eaa9d20457c36d84202a348b5383e15