diff --git a/apache2/libinjection/libinjection.h b/apache2/libinjection/libinjection.h
index 838a4cbb..4e5690d8 100644
--- a/apache2/libinjection/libinjection.h
+++ b/apache2/libinjection/libinjection.h
@@ -19,7 +19,7 @@ extern "C" {
  * See python's normalized version
  * http://www.python.org/dev/peps/pep-0386/#normalizedversion
  */
-#define LIBINJECTION_VERSION "3.3.0"
+#define LIBINJECTION_VERSION "3.4.1"
 /**
  * Libinjection's sqli module makes a "normalized"
@@ -39,12 +39,12 @@ extern "C" {
 enum lookup_type {
     FLAG_NONE = 0,
-    FLAG_QUOTE_NONE = 0,
-    FLAG_QUOTE_SINGLE = 1 << 1,
-    FLAG_QUOTE_DOUBLE = 1 << 2,
+    FLAG_QUOTE_NONE = 1 << 1,
+    FLAG_QUOTE_SINGLE = 1 << 2,
+    FLAG_QUOTE_DOUBLE = 1 << 3,
-    FLAG_SQL_ANSI = 1 << 3,
-    FLAG_SQL_MYSQL = 1 << 4,
+    FLAG_SQL_ANSI = 1 << 4,
+    FLAG_SQL_MYSQL = 1 << 5,
     LOOKUP_WORD,
     LOOKUP_TYPE,
@@ -249,6 +249,12 @@ char libinjection_sqli_lookup_word(sfilter *sql_state, int lookup_type,
  */
 int libinjection_sqli_tokenize(sfilter * sql_state);
+/**
+ * parses and folds input, up to 5 tokens
+ *
+ */
+int libinjection_sqli_fold(sfilter * sql_state);
+
 /** The built-in default function to match fingerprints
  * and do false negative/positive analysis. This calls the following
  * two functions. With this, you over-ride one part or the other.
diff --git a/apache2/libinjection/libinjection_sqli.c b/apache2/libinjection/libinjection_sqli.c
index 0397e354..3634757f 100644
--- a/apache2/libinjection/libinjection_sqli.c
+++ b/apache2/libinjection/libinjection_sqli.c
@@ -54,7 +54,7 @@ typedef enum {
     TYPE_OPERATOR = (int)'o',
     TYPE_LOGIC_OPERATOR = (int)'&',
     TYPE_COMMENT = (int)'c',
-    TYPE_COLLATE = (int)'a',
+    TYPE_COLLATE = (int)'A',
     TYPE_LEFTPARENS = (int)'(',
     TYPE_RIGHTPARENS = (int)')', /* not used? */
     TYPE_COMMA = (int)',',
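Review bot: Renumbering the enum in the `@@ -39,12 +39,12 @@` hunk changes the meaning of every integer flag value, not just FLAG_QUOTE_NONE: the old FLAG_SQL_ANSI (1 << 3) now decodes as FLAG_QUOTE_DOUBLE and the old FLAG_SQL_MYSQL (1 << 4) as FLAG_SQL_ANSI, so any caller built against 3.3.0 or passing a stored numeric flag value silently gets a different quote and dialect context. Nothing in the header records this, and the new convention that 0 is remapped to a default (added to libinjection_sqli_init in this commit) is only discoverable from the .c file. I would add above the enum: `/* 3.4.x: bit positions changed and FLAG_QUOTE_NONE is no longer 0; flags == 0 selects FLAG_QUOTE_NONE | FLAG_SQL_ANSI in libinjection_sqli_init(). */`. Any code elsewhere in this tree that passes numeric flags to libinjection needs checking against the new values; no such caller is on this page.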
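Review bot: The new doc comment on `libinjection_sqli_fold` in the `@@ -249,6 +249,12 @@` hunk does not say what the function returns, and the rename from `filter_fold` makes it part of the public API, so the contract should be spelled out here. From its use in libinjection_sqli_fingerprint in the .c hunk, the return value is the number of tokens left in sql_state->tokenvec, which the caller copies one-for-one into the fingerprint. I would extend the comment with ` * @return number of folded tokens now in sql_state->tokenvec (their type bytes form the fingerprint)` and state which preparation of sql_state it expects (libinjection_sqli_fingerprint calls libinjection_sqli_reset immediately before it; the fold body itself is not on this page).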
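Review bot: Changing `TYPE_COLLATE` from 'a' to 'A' in the `@@ -54,7 +54,7 @@` hunk changes the byte that libinjection_sqli_fingerprint writes into the fingerprint for a COLLATE token (it copies tokenvec[i].type directly, as the later hunk shows), so any fingerprint entry, stored match list or log consumer that relied on the lowercase letter no longer matches. The reason for the new letter is not recorded anywhere in the diff; a short comment such as `/* 'A' is the fingerprint byte for COLLATE; changed from 'a' in 3.4.x */` would keep the next reader from reverting it. The data-table hunks on this page add no entries containing 'A', so either no shipped fingerprint uses a collate token or the regeneration is not part of this commit; worth confirming.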
@@ -1220,6 +1220,10 @@ int libinjection_sqli_tokenize(sfilter * sf)
 void libinjection_sqli_init(sfilter * sf, const char *s, size_t len, int flags)
 {
+    if (flags == 0) {
+        flags = FLAG_QUOTE_NONE | FLAG_SQL_ANSI;
+    }
+
     memset(sf, 0, sizeof(sfilter));
     sf->s = s;
     sf->slen = len;
@@ -1231,6 +1235,9 @@ void libinjection_sqli_init(sfilter * sf, const char *s, size_t len, int flags)
 void libinjection_sqli_reset(sfilter * sf, int flags)
 {
+    if (flags == 0) {
+        flags = FLAG_QUOTE_NONE | FLAG_SQL_ANSI;
+    }
     libinjection_sqli_init(sf, sf->s, sf->slen, flags);
     sf->lookup = sf->lookup;
     sf->userdata = sf->userdata;
@@ -1309,7 +1316,7 @@ static int syntax_merge_words(sfilter * sf,stoken_t * a, stoken_t * b)
     }
 }
-int filter_fold(sfilter * sf)
+int libinjection_sqli_fold(sfilter * sf)
 {
     stoken_t last_comment;
@@ -1546,8 +1553,8 @@ int filter_fold(sfilter * sf)
             continue;
         } else if (sf->tokenvec[left].type == TYPE_VARIABLE && sf->tokenvec[left+1].type == TYPE_OPERATOR &&
-                   (sf->tokenvec[left].type == TYPE_VARIABLE || sf->tokenvec[left].type == TYPE_NUMBER ||
-                    sf->tokenvec[left].type == TYPE_BAREWORD)) {
+                   (sf->tokenvec[left+2].type == TYPE_VARIABLE || sf->tokenvec[left+2].type == TYPE_NUMBER ||
+                    sf->tokenvec[left+2].type == TYPE_BAREWORD)) {
             pos -= 2;
             continue;
         } else if ((sf->tokenvec[left].type == TYPE_BAREWORD || sf->tokenvec[left].type == TYPE_NUMBER ) &&
@@ -1671,7 +1678,7 @@ const char* libinjection_sqli_fingerprint(sfilter * sql_state, int flags)
     libinjection_sqli_reset(sql_state, flags);
-    tlen = filter_fold(sql_state);
+    tlen = libinjection_sqli_fold(sql_state);
     for (i = 0; i < tlen; ++i) {
         sql_state->fingerprint[i] = sql_state->tokenvec[i].type;
     }
diff --git a/apache2/libinjection/libinjection_sqli_data.h b/apache2/libinjection/libinjection_sqli_data.h
index d91e7e95..49e910cc 100644
--- a/apache2/libinjection/libinjection_sqli_data.h
+++ b/apache2/libinjection/libinjection_sqli_data.h
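Review bot: The default in the `@@ -1220,6 +1220,10 @@` hunk only fires when `flags` is exactly 0, so a caller that passes a quote flag alone (say FLAG_QUOTE_SINGLE) gets no SQL dialect bit and one that passes FLAG_SQL_MYSQL alone gets no quote bit; if the tokenizer branches on those two groups (its body is not on this page) such a caller ends up in a state the default was meant to rule out. A per-group default would close that gap: `if ((flags & (FLAG_QUOTE_NONE | FLAG_QUOTE_SINGLE | FLAG_QUOTE_DOUBLE)) == 0) flags |= FLAG_QUOTE_NONE;` and `if ((flags & (FLAG_SQL_ANSI | FLAG_SQL_MYSQL)) == 0) flags |= FLAG_SQL_ANSI;`. The same check is repeated in libinjection_sqli_reset in the next hunk, which is redundant because reset forwards `flags` to this function unchanged; one copy is enough. The new lines also deserve a comment, since FLAG_QUOTE_NONE is no longer 0 after this commit and the remapping is otherwise surprising to a reader of the header.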
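Review bot: In the `@@ -1231,6 +1235,9 @@` hunk, libinjection_sqli_reset still calls libinjection_sqli_init, which begins with `memset(sf, 0, sizeof(sfilter))` as the previous hunk shows, so by the time `sf->lookup = sf->lookup;` and `sf->userdata = sf->userdata;` run both fields are already zero and the self-assignments restore nothing. A caller that installed a custom lookup callback or userdata before calling reset loses it silently, and libinjection_sqli_fingerprint goes through reset on every call; presumably the intent was to copy the two fields into locals before the init call and write them back afterwards. This is pre-existing rather than introduced here, but the commit touches the function and the fix is three lines, so it belongs in the same change.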
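Review bot: The corrected condition in the `@@ -1546,8 +1553,8 @@` hunk now reads `sf->tokenvec[left+2]`, so this branch depends on at least three tokens being valid from `left`; the loop that establishes that and the `pos -= 2` bookkeeping are outside the hunk, and nothing here states the invariant. The old parenthesised group compared `tokenvec[left]` against itself and was trivially true once the first conjunct held, so the fold fired for any `variable operator X` sequence; the fix narrows it to a variable, number or bareword on the right, which will change the fingerprint for inputs whose third token is something else if they reach this branch, so it is a detection change worth a changelog line rather than a silent fix. I would add above the branch: `/* fold "var op var|num|word" to a single var; requires tokenvec[left..left+2] to be valid */`. The enclosing function starts and ends outside the hunk.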
@@ -884,6 +884,7 @@ static const keyword_t sql_keywords[] = {
     {"01)O(S", 'F'},
     {"01)O(V", 'F'},
     {"01)O1", 'F'},
+    {"01)O1&", 'F'},
     {"01)O1)", 'F'},
     {"01)O1;", 'F'},
     {"01)O1B", 'F'},
@@ -902,6 +903,7 @@ static const keyword_t sql_keywords[] = {
     {"01)ONO", 'F'},
     {"01)ONU", 'F'},
     {"01)OS", 'F'},
+    {"01)OS&", 'F'},
     {"01)OS)", 'F'},
     {"01)OS;", 'F'},
     {"01)OSB", 'F'},
@@ -910,6 +912,7 @@ static const keyword_t sql_keywords[] = {
     {"01)OSO", 'F'},
     {"01)OSU", 'F'},
     {"01)OV", 'F'},
+    {"01)OV&", 'F'},
     {"01)OV)", 'F'},
     {"01)OV;", 'F'},
     {"01)OVB", 'F'},
@@ -1375,6 +1378,7 @@ static const keyword_t sql_keywords[] = {
     {"01F()U", 'F'},
     {"01F()V", 'F'},
     {"01F(1)", 'F'},
+    {"01F(1N", 'F'},
     {"01F(1O", 'F'},
     {"01F(F(", 'F'},
     {"01F(N)", 'F'},
@@ -4646,6 +4650,7 @@ static const keyword_t sql_keywords[] = {
     {"0NF()U", 'F'},
     {"0NF()V", 'F'},
     {"0NF(1)", 'F'},
+    {"0NF(1N", 'F'},
     {"0NF(1O", 'F'},
     {"0NF(F(", 'F'},
     {"0NF(N)", 'F'},
@@ -5825,6 +5830,7 @@ static const keyword_t sql_keywords[] = {
     {"0S)O(S", 'F'},
     {"0S)O(V", 'F'},
     {"0S)O1", 'F'},
+    {"0S)O1&", 'F'},
     {"0S)O1)", 'F'},
     {"0S)O1;", 'F'},
     {"0S)O1B", 'F'},
@@ -5843,6 +5849,7 @@ static const keyword_t sql_keywords[] = {
     {"0S)ONO", 'F'},
     {"0S)ONU", 'F'},
     {"0S)OS", 'F'},
+    {"0S)OS&", 'F'},
     {"0S)OS)", 'F'},
     {"0S)OS;", 'F'},
     {"0S)OSB", 'F'},
@@ -5851,6 +5858,7 @@ static const keyword_t sql_keywords[] = {
     {"0S)OSO", 'F'},
     {"0S)OSU", 'F'},
     {"0S)OV", 'F'},
+    {"0S)OV&", 'F'},
     {"0S)OV)", 'F'},
     {"0S)OV;", 'F'},
     {"0S)OVB", 'F'},
@@ -6360,6 +6368,7 @@ static const keyword_t sql_keywords[] = {
     {"0SF()U", 'F'},
     {"0SF()V", 'F'},
     {"0SF(1)", 'F'},
+    {"0SF(1N", 'F'},
     {"0SF(1O", 'F'},
     {"0SF(F(", 'F'},
     {"0SF(N)", 'F'},
@@ -8163,6 +8172,7 @@ static const keyword_t sql_keywords[] = {
     {"0V)O(S", 'F'},
     {"0V)O(V", 'F'},
     {"0V)O1", 'F'},
+    {"0V)O1&", 'F'},
     {"0V)O1)", 'F'},
     {"0V)O1;", 'F'},
     {"0V)O1B", 'F'},
@@ -8181,6 +8191,7 @@ static const keyword_t sql_keywords[] = {
     {"0V)ONO", 'F'},
     {"0V)ONU", 'F'},
     {"0V)OS", 'F'},
+    {"0V)OS&", 'F'},
     {"0V)OS)", 'F'},
     {"0V)OS;", 'F'},
     {"0V)OSB", 'F'},
@@ -8189,6 +8200,7 @@ static const keyword_t sql_keywords[] = {
     {"0V)OSO", 'F'},
     {"0V)OSU", 'F'},
     {"0V)OV", 'F'},
+    {"0V)OV&", 'F'},
     {"0V)OV)", 'F'},
     {"0V)OV;", 'F'},
     {"0V)OVB", 'F'},
@@ -8698,6 +8710,7 @@ static const keyword_t sql_keywords[] = {
     {"0VF()U", 'F'},
     {"0VF()V", 'F'},
     {"0VF(1)", 'F'},
+    {"0VF(1N", 'F'},
     {"0VF(1O", 'F'},
     {"0VF(F(", 'F'},
     {"0VF(N)", 'F'},
@@ -9870,6 +9883,7 @@ static const keyword_t sql_keywords[] = {
     {"PRIMARY", 'k'},
     {"PRINT", 'T'},
     {"PROCEDURE", 'k'},
+    {"PROCEDURE ANALYSE", 'f'},
     {"PUBLISHINGSERVERNAME", 'f'},
     {"PURGE", 'k'},
     {"PWDCOMPARE", 'f'},
@@ -10210,5 +10224,5 @@ static const keyword_t sql_keywords[] = {
     {"||", '&'},
     {"~*", 'o'},
 };
-static const size_t sql_keywords_sz = 10043;
+static const size_t sql_keywords_sz = 10057;
 #endif
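Review bot: `sql_keywords_sz` in the last hunk is a hand-maintained literal that must equal the number of entries in `sql_keywords`; the fourteen additions on this page do take 10043 to 10057, but nothing enforces it, and a future mismatch would make whatever lookup is bounded by this count (presumably a search over the sorted table; not on this page) read past the array or miss entries. If the build allows C11, `_Static_assert(sql_keywords_sz == sizeof sql_keywords / sizeof sql_keywords[0], "sql_keywords_sz out of date");` after the definition removes the hand count, or the constant can be defined from that expression directly; if this header is generated, the generator should emit it. The new multi-word entry `{"PROCEDURE ANALYSE", 'f'}` also relies on adjacent words being joined before lookup, presumably by the syntax_merge_words helper named in one of the .c hunk headers, which should be confirmed so the entry is actually reachable.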