diff --git a/ChangeLog b/ChangeLog
index 2a77898c..0eb7383c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+* 2019-01-11: Version 1.5.1
+  * PR #414: remove TLS13 ciphers from cipher_list, but
+    only when SSL_CTX_set_ciphersuites is available.
+    Thanks Bruno Pagani
+  * Issue #415: Filter out #defines etc. when creating
+    symbols file.  Thanks Zero King
+
 * 2018-12-21: Version 1.5.0
   * RFE getdnsapi/stubby#121 log re-instantiating TLS
     upstreams (because they reached tls_backoff_time) at
diff --git a/configure.ac b/configure.ac
index 40c94977..4edd248f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -36,7 +36,7 @@ sinclude(./m4/acx_getaddrinfo.m4)
 sinclude(./m4/ax_check_compile_flag.m4)
 sinclude(./m4/pkg.m4)
 
-AC_INIT([getdns], [1.5.0], [team@getdnsapi.net], [getdns], [https://getdnsapi.net])
+AC_INIT([getdns], [1.5.1], [team@getdnsapi.net], [getdns], [https://getdnsapi.net])
 
 # Autoconf 2.70 will have set up runstatedir. 2.69 is frequently (Debian)
 # patched to do the same, but frequently (MacOS) not. So add a with option
@@ -63,13 +63,13 @@ AC_ARG_WITH([current-date],
   [CURRENT_DATE="`date -u +%Y-%m-%dT%H:%M:%SZ`"])
 
 AC_SUBST(GETDNS_VERSION, ["AC_PACKAGE_VERSION$RELEASE_CANDIDATE"])
-AC_SUBST(GETDNS_NUMERIC_VERSION, [0x01050000])
+AC_SUBST(GETDNS_NUMERIC_VERSION, [0x01050100])
 AC_SUBST(API_VERSION, ["December 2015"])
 AC_SUBST(API_NUMERIC_VERSION, [0x07df0c00])
 GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRENT_DATE for the $API_VERSION version of the API"
 
 AC_DEFINE_UNQUOTED([STUBBY_PACKAGE], ["stubby"], [Stubby package])
-AC_DEFINE_UNQUOTED([STUBBY_PACKAGE_STRING], ["0.2.4$STUBBY_RELEASE_CANDIDATE"], [Stubby package string])
+AC_DEFINE_UNQUOTED([STUBBY_PACKAGE_STRING], ["0.2.5$STUBBY_RELEASE_CANDIDATE"], [Stubby package string])
 
 # Library version
 # ---------------
@@ -107,7 +107,8 @@ AC_DEFINE_UNQUOTED([STUBBY_PACKAGE_STRING], ["0.2.4$STUBBY_RELEASE_CANDIDATE"],
 # getdns-1.4.1 had libversion 10:1:0
 # getdns-1.4.2 had libversion 10:2:0
 # getdns-1.5.0 has libversion 11:0:1
-GETDNS_LIBVERSION=11:0:1
+# getdns-1.5.1 has libversion 11:1:1
+GETDNS_LIBVERSION=11:1:1
 
 AC_SUBST(GETDNS_COMPILATION_COMMENT)
 AC_SUBST(GETDNS_LIBVERSION)
diff --git a/src/context.c b/src/context.c
index d952d8d6..825d6309 100644
--- a/src/context.c
+++ b/src/context.c
@@ -1468,9 +1468,13 @@ static char const * const _getdns_default_trust_anchors_verify_CA =
 static char const * const _getdns_default_trust_anchors_verify_email =
     "dnssec@iana.org";
 
+
 static char const * const _getdns_default_tls_cipher_list =
+#ifndef HAVE_SSL_CTX_SET_CIPHERSUITES
     "TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:"
-    "TLS13-CHACHA20-POLY1305-SHA256:EECDH+AESGCM:EECDH+CHACHA20";
+    "TLS13-CHACHA20-POLY1305-SHA256:"
+#endif
+    "EECDH+AESGCM:EECDH+CHACHA20";
 
 static char const * const _getdns_default_tls_ciphersuites =
   "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256";
diff --git a/src/libgetdns.symbols b/src/libgetdns.symbols
index f0169761..b8b6cffe 100644
--- a/src/libgetdns.symbols
+++ b/src/libgetdns.symbols
@@ -1,7 +1,6 @@
 getdns_address
 getdns_address_sync
 getdns_cancel_callback
-getdns_context_
 getdns_context_config
 getdns_context_create
 getdns_context_create_with_extended_memory_functions
diff --git a/src/mk-symfiles.sh b/src/mk-symfiles.sh
index 099181e6..26424e27 100755
--- a/src/mk-symfiles.sh
+++ b/src/mk-symfiles.sh
@@ -3,7 +3,7 @@
 write_symbols() {
 	OUTPUT=$1
 	shift
-	grep 'getdns_[0-9a-zA-Z_]*(' $* | grep -v '^#' | grep -v 'INLINE' | grep -v 'getdns_extra\.h\.in: \* if' \
+	grep -h 'getdns_[0-9a-zA-Z_]*(' $* | grep -v '^#' | grep -v 'INLINE' | grep -v '^ \* if' \
 	| sed -e 's/(.*$//g' -e 's/^.*getdns_/getdns_/g' | LC_ALL=C sort | uniq > $OUTPUT
 }
 
diff --git a/stubby b/stubby
index 58200cad..9c6e55a1 160000
--- a/stubby
+++ b/stubby
@@ -1 +1 @@
-Subproject commit 58200cadec6371f95e31a7f3735225c5a46ecf75
+Subproject commit 9c6e55a16af8f3258736b804b17eac3d35daebf3