[PATCH 1/2] libhtp: Update to 0.5.49

public inbox for development@lists.ipfire.org
 help / color / mirror / Atom feed

* [PATCH 1/2] libhtp: Update to 0.5.49
@ 2024-10-02 13:41 Matthias Fischer
  2024-10-02 13:41 ` [PATCH 2/2] suricata: Update to 7.0.7 Matthias Fischer
  2024-10-15  7:53 ` [PATCH 1/2] libhtp: Update to 0.5.49 Adolf Belka
  0 siblings, 2 replies; 4+ messages in thread
From: Matthias Fischer @ 2024-10-02 13:41 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 1583 bytes --]

For details see:
https://github.com/OISF/libhtp/releases/tag/0.5.49

Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
 lfs/libhtp | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lfs/libhtp b/lfs/libhtp
index d3b56dcb2..205ae3ed1 100644
--- a/lfs/libhtp
+++ b/lfs/libhtp
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2023  IPFire Team  <info(a)ipfire.org>                     #
+# Copyright (C) 2007-2024  IPFire Team  <info(a)ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 0.5.48
+VER        = 0.5.49
 
 THISAPP    = libhtp-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 56eeef3524ffeac593c251846196d09e0ccfacd9aadd03b35061fd1fe6a245d1374c338581b4f7bee67255797740f4e282344fc10bf3d0c0fdf824f159380053
+$(DL_FILE)_BLAKE2 = 84473148547fd68a75a1ef458980b648f7ee28c1f1ca81f1a9a8320efda5cd8df83df4be6135c67b45be2997ec59e1f84dae0634b925425eea93852ea8dc26c8
 
 install : $(TARGET)
 
-- 
2.43.0


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH 2/2] suricata: Update to 7.0.7
  2024-10-02 13:41 [PATCH 1/2] libhtp: Update to 0.5.49 Matthias Fischer
@ 2024-10-02 13:41 ` Matthias Fischer
  2024-10-15  7:55   ` Adolf Belka
  2024-10-15  7:53 ` [PATCH 1/2] libhtp: Update to 0.5.49 Adolf Belka
  1 sibling, 1 reply; 4+ messages in thread
From: Matthias Fischer @ 2024-10-02 13:41 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 4225 bytes --]

Exerpt from changelog:
"7.0.7 -- 2024-10-01

Security #7289: http: missing hashtable random seed leads to potential DoS(CRITICAL - CVE 2024-47188)
Security #7268: ja4: non alphanumeric characters in alpn lead to panic (7.0.x backport)(HIGH - CVE 2024-47522)
Security #7258: thash: random factor not used; possible abusive hash collisions (7.0.x backport)(CRITICAL - CVE 2024-47187)
Security #7215: defrag: off by one leads to possible evasion (7.0.x backport)(HIGH - CVE 2024-45796)
Security #7196: datasets: rule with unset makes suricata abort (7.0.x backport)(HIGH - CVE 2024-45795)
Security #7192: http: quadratic complexity in headers processing/finding (7.0.x backport)(CRITICAL - CVE 2024-45797)
Bug #7290: tls: a rule stops working since 7.0.5 (7.0.x backport)
Bug #7286: eve/tls: enabling JA4 breaks custom field selection
Bug #7276: ja3: Error: ja3: Buffer should not be NULL (7.0.x backport)
Bug #7271: pgsql: track 'progress' in tx per direction (7.0.x backport)
Bug #7265: detect/flow: ACK with data on 3whs fails to match 'flow:established' (7.0.x backport)
Bug #7257: fuzz: CIFuzz is not fuzzing PRs as it is supposed to (7.0.x backport)
Bug #7242: app-layer-protocol: negated matching false positive (7.0.x backport)
Bug #7239: tls: Invalid ja3 due to double client hello (7.0.x backport)
Bug #7225: dataset: lookup function is not working with ip type (7.0.x backport)
Bug #7214: frames: stream frame is not always the first one registered (7.0.x backport)
Bug #7207: cbindgen: comptability with newer version 0.27 (7.0.x backport)
Bug #7198: log/rfb: inconsistent key value security_result or security-result
Bug #7194: output: jb context not closed on error in EvePacket
Bug #7188: detect: dcerpc logging and matching issues (7.0.x backport)
Bug #7182: fuzz: File confyaml.c is missing (7.0.x backport)
Bug #7173: detect/integers: do not bother to free NULL pointer on setup/parse failure (7.0.x backport)
Bug #7166: profiling: rule profiling doesn't support absolute paths (7.0.x backport)
Bug #7159: tcp: 'broken ack' event set on flow timeout (7.0.x backport)
Bug #7136: util/thash: debug assertion for memuse (7.0.x backport)
Bug #7122: smb/ntlmssp: nonsense smb.ntlmssp.version values (7.0.x backport)
Bug #7116: dpdk: timestamping packets through TSC does not yield the same time as kernel time (7.0.x backport)
Bug #7066: alert/metadata: no pgsql object encapsulation (7.0.x backport)
Bug #7054: bypass: cannot bypass udp flow from first packet (7.0.x backport)
Bug #7001: pgsql: trigger raw stream reassembly (7.0.x backport)
Bug #6608: file: do not store if filestore:both,flow is triggered after the file was set to nostore (7.0.x backport)
Bug #6555: eve/alert: payload/payload_printable misrepresent data in case of overlaps (7.0.x backport)
Bug #6541: landlock: coverity warnings (7.0.x backport)
Optimization #7134: detect/snmp.version: do not free NULL pointer
Optimization #7075: dns/tcp: allow triggering raw stream reassembly (7.0.x backport)
Feature #7102: iprep: support seeing if rule is part of a rep list (7.0.x backport)
Feature #6674: detect: allow alert-then-pass logic (7.0.x backport)
Task #7249: libhtp 0.5.49 (7.0.x backport)
Task #7168: dns: make the version field in a dns object required (7.0.x backport)
Documentation #6641: doc: add tcp timeout fix to upgrade guide (7.0.x backport)"

Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
 lfs/suricata | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lfs/suricata b/lfs/suricata
index dcee61ea1..b563ff9da 100644
--- a/lfs/suricata
+++ b/lfs/suricata
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 7.0.6
+VER        = 7.0.7
 
 THISAPP    = suricata-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = e031eda35913f0db553ae68e6fc4173db2f0a87b2f2c60141edf09abba3eef44cdba6cca1db039c8814525ff803dd60ea13cbba7b66e57fed3ae5297f90c7b18
+$(DL_FILE)_BLAKE2 = dc39279b99880762bee2b1788fea9046dc63c01560332ffc167844673314165456dcbff3b0d05d32c931741b397fd68e9e294d2ee6c526a3d286445c2a83b789
 
 install : $(TARGET)
 
-- 
2.43.0


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH 2/2] suricata: Update to 7.0.7
  2024-10-02 13:41 ` [PATCH 2/2] suricata: Update to 7.0.7 Matthias Fischer
@ 2024-10-15  7:55   ` Adolf Belka
  0 siblings, 0 replies; 4+ messages in thread
From: Adolf Belka @ 2024-10-15  7:55 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 4464 bytes --]

Reviewed-by: Adolf Belka <adolf.belka(a)ipfire.org>

On 02/10/2024 15:41, Matthias Fischer wrote:
> Exerpt from changelog:
> "7.0.7 -- 2024-10-01
>
> Security #7289: http: missing hashtable random seed leads to potential DoS(CRITICAL - CVE 2024-47188)
> Security #7268: ja4: non alphanumeric characters in alpn lead to panic (7.0.x backport)(HIGH - CVE 2024-47522)
> Security #7258: thash: random factor not used; possible abusive hash collisions (7.0.x backport)(CRITICAL - CVE 2024-47187)
> Security #7215: defrag: off by one leads to possible evasion (7.0.x backport)(HIGH - CVE 2024-45796)
> Security #7196: datasets: rule with unset makes suricata abort (7.0.x backport)(HIGH - CVE 2024-45795)
> Security #7192: http: quadratic complexity in headers processing/finding (7.0.x backport)(CRITICAL - CVE 2024-45797)
> Bug #7290: tls: a rule stops working since 7.0.5 (7.0.x backport)
> Bug #7286: eve/tls: enabling JA4 breaks custom field selection
> Bug #7276: ja3: Error: ja3: Buffer should not be NULL (7.0.x backport)
> Bug #7271: pgsql: track 'progress' in tx per direction (7.0.x backport)
> Bug #7265: detect/flow: ACK with data on 3whs fails to match 'flow:established' (7.0.x backport)
> Bug #7257: fuzz: CIFuzz is not fuzzing PRs as it is supposed to (7.0.x backport)
> Bug #7242: app-layer-protocol: negated matching false positive (7.0.x backport)
> Bug #7239: tls: Invalid ja3 due to double client hello (7.0.x backport)
> Bug #7225: dataset: lookup function is not working with ip type (7.0.x backport)
> Bug #7214: frames: stream frame is not always the first one registered (7.0.x backport)
> Bug #7207: cbindgen: comptability with newer version 0.27 (7.0.x backport)
> Bug #7198: log/rfb: inconsistent key value security_result or security-result
> Bug #7194: output: jb context not closed on error in EvePacket
> Bug #7188: detect: dcerpc logging and matching issues (7.0.x backport)
> Bug #7182: fuzz: File confyaml.c is missing (7.0.x backport)
> Bug #7173: detect/integers: do not bother to free NULL pointer on setup/parse failure (7.0.x backport)
> Bug #7166: profiling: rule profiling doesn't support absolute paths (7.0.x backport)
> Bug #7159: tcp: 'broken ack' event set on flow timeout (7.0.x backport)
> Bug #7136: util/thash: debug assertion for memuse (7.0.x backport)
> Bug #7122: smb/ntlmssp: nonsense smb.ntlmssp.version values (7.0.x backport)
> Bug #7116: dpdk: timestamping packets through TSC does not yield the same time as kernel time (7.0.x backport)
> Bug #7066: alert/metadata: no pgsql object encapsulation (7.0.x backport)
> Bug #7054: bypass: cannot bypass udp flow from first packet (7.0.x backport)
> Bug #7001: pgsql: trigger raw stream reassembly (7.0.x backport)
> Bug #6608: file: do not store if filestore:both,flow is triggered after the file was set to nostore (7.0.x backport)
> Bug #6555: eve/alert: payload/payload_printable misrepresent data in case of overlaps (7.0.x backport)
> Bug #6541: landlock: coverity warnings (7.0.x backport)
> Optimization #7134: detect/snmp.version: do not free NULL pointer
> Optimization #7075: dns/tcp: allow triggering raw stream reassembly (7.0.x backport)
> Feature #7102: iprep: support seeing if rule is part of a rep list (7.0.x backport)
> Feature #6674: detect: allow alert-then-pass logic (7.0.x backport)
> Task #7249: libhtp 0.5.49 (7.0.x backport)
> Task #7168: dns: make the version field in a dns object required (7.0.x backport)
> Documentation #6641: doc: add tcp timeout fix to upgrade guide (7.0.x backport)"
>
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
>   lfs/suricata | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lfs/suricata b/lfs/suricata
> index dcee61ea1..b563ff9da 100644
> --- a/lfs/suricata
> +++ b/lfs/suricata
> @@ -24,7 +24,7 @@
>   
>   include Config
>   
> -VER        = 7.0.6
> +VER        = 7.0.7
>   
>   THISAPP    = suricata-$(VER)
>   DL_FILE    = $(THISAPP).tar.gz
> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
>   
>   $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>   
> -$(DL_FILE)_BLAKE2 = e031eda35913f0db553ae68e6fc4173db2f0a87b2f2c60141edf09abba3eef44cdba6cca1db039c8814525ff803dd60ea13cbba7b66e57fed3ae5297f90c7b18
> +$(DL_FILE)_BLAKE2 = dc39279b99880762bee2b1788fea9046dc63c01560332ffc167844673314165456dcbff3b0d05d32c931741b397fd68e9e294d2ee6c526a3d286445c2a83b789
>   
>   install : $(TARGET)
>   

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH 1/2] libhtp: Update to 0.5.49
  2024-10-02 13:41 [PATCH 1/2] libhtp: Update to 0.5.49 Matthias Fischer
  2024-10-02 13:41 ` [PATCH 2/2] suricata: Update to 7.0.7 Matthias Fischer
@ 2024-10-15  7:53 ` Adolf Belka
  1 sibling, 0 replies; 4+ messages in thread
From: Adolf Belka @ 2024-10-15  7:53 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 1765 bytes --]

Reviewed-by: Adolf Belka <adolf.belka(a)ipfire.org>

On 02/10/2024 15:41, Matthias Fischer wrote:
> For details see:
> https://github.com/OISF/libhtp/releases/tag/0.5.49
>
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
>   lfs/libhtp | 6 +++---
>   1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/lfs/libhtp b/lfs/libhtp
> index d3b56dcb2..205ae3ed1 100644
> --- a/lfs/libhtp
> +++ b/lfs/libhtp
> @@ -1,7 +1,7 @@
>   ###############################################################################
>   #                                                                             #
>   # IPFire.org - A linux based firewall                                         #
> -# Copyright (C) 2007-2023  IPFire Team  <info(a)ipfire.org>                     #
> +# Copyright (C) 2007-2024  IPFire Team  <info(a)ipfire.org>                     #
>   #                                                                             #
>   # This program is free software: you can redistribute it and/or modify        #
>   # it under the terms of the GNU General Public License as published by        #
> @@ -24,7 +24,7 @@
>   
>   include Config
>   
> -VER        = 0.5.48
> +VER        = 0.5.49
>   
>   THISAPP    = libhtp-$(VER)
>   DL_FILE    = $(THISAPP).tar.gz
> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
>   
>   $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>   
> -$(DL_FILE)_BLAKE2 = 56eeef3524ffeac593c251846196d09e0ccfacd9aadd03b35061fd1fe6a245d1374c338581b4f7bee67255797740f4e282344fc10bf3d0c0fdf824f159380053
> +$(DL_FILE)_BLAKE2 = 84473148547fd68a75a1ef458980b648f7ee28c1f1ca81f1a9a8320efda5cd8df83df4be6135c67b45be2997ec59e1f84dae0634b925425eea93852ea8dc26c8
>   
>   install : $(TARGET)
>   

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2024-10-15  7:55 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-10-02 13:41 [PATCH 1/2] libhtp: Update to 0.5.49 Matthias Fischer
2024-10-02 13:41 ` [PATCH 2/2] suricata: Update to 7.0.7 Matthias Fischer
2024-10-15  7:55   ` Adolf Belka
2024-10-15  7:53 ` [PATCH 1/2] libhtp: Update to 0.5.49 Adolf Belka

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox