Changelog for
suricata-4.1.8-lp152.8.28.x86_64.rpm :
* Tue Apr 28 2020 Martin Hauke
- Switch to python3
- Update to version 4.1.8
* Bug #3492: Backport 4 BUG_ON(strcasecmp(str, "any") in DetectAddressParseString
* Bug #3508: rule parsing: memory leaks
* Bug #3527: 4.1.x Kerberos vulnerable to TCP splitting evasion
* Bug #3533: Skip over ERF_TYPE_META records
* Bug #3551: file logging: complete files sometimes marked ‘TRUNCATED’
* Bug #3572: rust: smb compile warnings
* Bug #3579: Faulty signature with two threshold keywords does not generate an error and never matches
* Bug #3581: random failures on sip and http-evader suricata-verify tests
* Bug #3596: ftp: asan detects leaks of expectations
* Bug #3599: rules: memory leaks in pktvar keyword
* Bug #3601: rules: bad address block leads to stack exhaustion
* Bug #3603: rules: crash on ‘internal’-only keywords
* Bug #3605: rules: missing ‘consumption’ of transforms before pkt_data would lead to crash
* Bug #3607: rules: minor memory leak involving pcre_get_substring
* Bug #3608: ssl/tls: ASAN issue in SSLv3ParseHandshakeType
* Bug #3611: defrag: asan issue
* Bug #3633: file-store.stream-depth not working as expected when configured to a specific value (4.1.x)
* Bug #3645: Invalid memory read on malformed rule with Lua script
* Bug #3647: rules: memory leaks on failed rules
* Bug #3648: CIDR Parsing Issue
* Bug #3650: FTP response buffering against TCP stream
* Bug #3652: Recursion stack-overflow in parsing YAML configuration
* Bug #3659: Multiple DetectEngineReload and bad insertion into linked list lead to buffer overflow
* Bug #3666: FTP: Incorrect ftp_memuse calculation.
* Bug #3668: Signature with an IP range creates one IPOnlyCIDRItem by single IP address
* Bug #3671: Protocol detection evasion by packet splitting
* Bug #3676: Segfault on SMTP TLS
* Feature #3482: GRE ERSPAN Type 1 Support
* Task #3479: libhtp 0.5.33 (4.1.x)
* Task #3513: SMTP should place restraints on variable length items (e.g., filenames)
* Wed Feb 19 2020 Martin Hauke
- Update to 4.1.7
* Bug #3417: --disable-geoip does not work
* Bug #3448: Suricata 4.1 Seg Fault: Socket Control pcap-file and corrupt pcap
* Bug #3452: smb: post-GAP file tx handling
* Bug #3453: coverity: CID 1456680: Incorrect expression (IDENTICAL_BRANCHES)
* Bug #3470: gcc10: compilation failure unless -fcommon is supplied
* Bug #3471: nfs: post-GAP some transactions never close
* Bug #3472: nfs: post-GAP file tx handling
* Bug #3474: Dropping privileges does not work with NFLOG
- Update to 4.1.6
* Bug #3276: address parsing: memory leak in error path
* Bug #3278: segfault when test a nfs pcap file
* Bug #3279: ikev2 enabled in config even if Rust is disabled
* Bug #3325: lua issues on arm (fedora:29)
* Bug #3326: Static build with pcap fails
* Bug #3327: tcp: empty SACK option leads to decoder event
* Bug #3347: BPF filter on command line not honored for pcap file
* Bug #3355: DNS: DNS over TCP transactions logged with wrong direction.
* Bug #3356: DHCP: Slow down over time due to lack of detect flags
* Bug #3369: byte_extract does not work in some situations
* Bug #3385: fast-log: icmp type prints wrong value
* Bug #3387: suricata is logging tls log repeatedly if custom mode is enabled
* Bug #3388: TLS Lua output does not work without TLS log
* Bug #3391: Suricata is unable to get MTU from NIC after
* Bug #3393: http: pipelining tx id handling broken
* Bug #3394: TCP evasion technique by overlapping a TCP segment with a fake packet
* Bug #3395: TCP evasion technique by faking a closed TCP session
* Bug #3402: smb: post-GAP some transactions never close
* Bug #3403: smb1: ‘event only’ transactions for bad requests never close
* Bug #3404: smtp: file tracking issues when more than one attachment in a tx
* Bug #3405: Filehash rule does not fire without filestore keyword
* Bug #3410: intermittent abort()s at shutdown and in unix-socket
* Bug #3412: detect/asn1: crashes on packets smaller than offset setting
* Task #3367: configure: Rust 1.37+ has cargo-vendor support bundled into cargo
* Bundle Suricata-Update 1.0.6
* Bundle Libhtp 0.5.32
* Tue Oct 22 2019 Lars Vogdt
- Update to 4.1.5
* Feature #3068: protocol parser: vxlan (4.1.x)
* Bug #2841: False positive alerts firing after upgrade suricata 3.0 -> 4.1.0 (4.1.x)
* Bug #2966: filestore (v1 and v2): dropping of “unwanted” files (4.1.x)
* Bug #3008: rust: updated libc crate causes deprecation warnings (4.1.x)
* Bug #3044: tftp: missing logs because of broken tx handling (4.1.x)
* Bug #3067: GeoIP keyword depends on now discontinued legacy GeoIP database (4.1.x)
* Bug #3094: Fedora rawhide af-packet compilation err (4.1.x)
* Bug #3123: bypass keyword: Suricata 4.1.x Segmentation Faults (4.1.x)
* Bug #3129: Fixes warning about size of integers in string formats (4.1.x)
* Bug #3159: SC_ERR_PCAP_DISPATCH with message “error code -2” upon rule reload completion (4.1.x)
* Bug #3164: Suricata 4.1.4: NSS Shutdown triggers crashes in test mode
* Bug #3168: tls: out of bounds read
* Bug #3170: defrag: out of bounds read
* Bug #3173: ipv4: ts field decoding oob read
* Bug #3175: File_data inspection depth while inspecting base64 decoded data (4.1.x)
* Bug #3184: decode/der: crafted input can lead to resource starvation
* Bug #3186: Multiple Content-Length headers causes HTP_STREAM_ERROR (4.1.x)
* Bug #3187: GET/POST HTTP-request with no Content-Length, http_client_body miss (4.1.x)
- build with lz4 and lzma support, especially to enable compression
- require python-yaml during build, which results in suricata-update getting built and installed. This allows updating local Suricata rules
- package /var/log/suricata directory instead of creating it during post-installation of the package
* Tue May 14 2019 Robert Frohl
- Update to version 4.1.4
* CVE-2019-10053: ssh: heap buffer overflow (boo#1134993)
* CVE-2019-10050: mpls: heap buffer overflow in file decode-mpls.c (boo#1134991)
* decode-ethernet: heap buffer overflow in file decode-ethernet.c
* smb 1 create andx request does not parse the filename correctly
* rust/dhcp: panic in dhcp parser
* mpls: cast of misaligned data leads to undefined behavior
* rust/ftp: panic in ftp parser
* rust/nfs: integer underflow
* This release includes Suricata-Update 1.0.5
* Thu Mar 07 2019 Martin Hauke
- Update to version 4.0.7
* Failed Assertion, Suricata Abort - util-mpm-hs.c line 163
* unix runmode deadlock when using too many threads
* rule reload with workers mode and NFQUEUE not working stable
* TCP FIN/ACK, RST/ACK in HTTP - detection bypass
* afpacket doesn't wait for all capture threads to start
* DNS Golden Transaction ID - detection bypass
* Invalid detect-engine config could lead to segfault
* suricata.c ConfigGetCaptureValue - PCAP/AFP fallthrough to strip_trailing_plus
* Stats interval are 1 second too early each tick
* rust/dns/lua - The Lua calls for DNS values when using Rust don't behave the same as the C implementation.
* out of bounds read in detection
* smtp: improve pipelining support
* Sun Dec 16 2018 mardnhAATTgmx.de
- Use pkg-config style build dependencies
- Build with support for Hyperscan
- Add systemd service file
- Add logrotate configuration file
- Update to version 4.0.6
* smtp segmentation fault (4.0.x)
* negated fileext and filename do not work as expected (4.0.x)
* filemd5 is not fired in some cases when there are invalid packets
* File descriptor leak in af-packet mode (4.0.x)
* Improve errors handling in AF_PACKET (4.0.x)
* Support http events - Weird unicode characters and truncation in some of http_method/http_user_agent fields.
* Tue Jul 24 2018 kbabiochAATTsuse.com
- Applied spec-cleaner
- Removed gpg-offline, since we have GPG source validation by default now
- Update to 4.0.5
  - Bug fixes
  - Private Suricata stops inspecting TCP stream if a TCP RST was met (4.0.x) (CVE-2018-14568 bsc#1102334)
* Tue Oct 04 2016 Greg.FreemyerAATTgmail.com
- update to v3.1.2
- Fixed an issue with the handling of ICMPv4 error packets (CVE-2016-10728 bsc#1102402)
- build with libprelude support
- use libnetfilter_queue, libnfnetlink from the Factory repo instead of 5 year old versions
- use libhtp from server:monitoring
- run through spec-cleaner
- Still don't have man pages or user manual in the RPM
  - http://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricata_User_Guide
- change license to GPL-2.0
* Fri Feb 12 2016 christophAATTstop.pe
- Initial release