* [PATCH 1/2] libhtp: Update to 0.5.50
@ 2025-03-19 16:16 Matthias Fischer
2025-03-19 16:16 ` [PATCH 2/2] suricata: Update to 7.0.9 Matthias Fischer
0 siblings, 1 reply; 2+ messages in thread
From: Matthias Fischer @ 2025-03-19 16:16 UTC (permalink / raw)
To: development
For details see:
https://github.com/OISF/libhtp/releases/tag/0.5.50
" response: do not error on gap finishing content-length
chunks: probe validity if data was not buffered
chunks: abort asap on invalid chunk length
response: end decompressors in chunked content
decompressors: do not take data after end
readme: update status
readme: update goals
response: end decompressors in chunked content
scan-build: work around optin.performance.Padding"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
lfs/libhtp | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lfs/libhtp b/lfs/libhtp
index 205ae3ed1..dc45aac66 100644
--- a/lfs/libhtp
+++ b/lfs/libhtp
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 0.5.49
+VER = 0.5.50
THISAPP = libhtp-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 84473148547fd68a75a1ef458980b648f7ee28c1f1ca81f1a9a8320efda5cd8df83df4be6135c67b45be2997ec59e1f84dae0634b925425eea93852ea8dc26c8
+$(DL_FILE)_BLAKE2 = e26aa03d06aa370ab22e1fb462087ac67427d63490802ac369378f90cbb6ed8ed9f95c20acc3fbfdb92cabddb2e1a45bb7c45454b5d17e898f9b0cf8aa804536
install : $(TARGET)
--
2.43.0
^ permalink raw reply [flat|nested] 2+ messages in thread
* [PATCH 2/2] suricata: Update to 7.0.9
2025-03-19 16:16 [PATCH 1/2] libhtp: Update to 0.5.50 Matthias Fischer
@ 2025-03-19 16:16 ` Matthias Fischer
0 siblings, 0 replies; 2+ messages in thread
From: Matthias Fischer @ 2025-03-19 16:16 UTC (permalink / raw)
To: development
Excerpt from changelog:
"7.0.9 -- 2025-03-18
Security #7616: datasets: hashsize setting via rules can cause high
memory usage (7.0.x backport)(MODERATE - CVE 2025-29916)
Security #7614: decode_base64: signature can do large memory
allocation (7.0.x backport)(HIGH - CVE 2025-29917)
Security #7527: detect: infinite loop with negated pcre and indefinite
recursion limit setting (7.0.x backport)(HIGH - CVE 2025-29918)
Security #7459: af-packet: defrag option can lead to truncated packets
(7.0.x backport)(HIGH - CVE 2025-29915)
Bug #7581: detect: missing file.data matches without filestore (7.0.x
backport)
Bug #7561: detect: integer underflow with krb5.ticket_encryption (7.0.x
backport)
Bug #7557: quic: valid traffic blocked in IPS mode (7.0.x backport)
Bug #7555: tls: parser error on unACK'd data in FIN shutdown (7.0.x
backport)
Bug #7553: applayer: misdetection if response is seen first without
request (7.0.x backport)
Bug #7496: detect: protocol probing doesn't finish earlier if opposite
dir already had a protocol (7.0.x backport)
Bug #7493: flow/var: memory leak in lua extension (7.0.x backport)
Bug #7468: detect: checksum detection broken by stream.checksum-validation
(7.0.x backport)
Bug #7460: eve: empty src_ip and dest_ip values may be logged
Bug #7448: log/file: nullptr dereference if file was opened more than once
(7.0.x backport)
Bug #7431: flow: multiple Flow Managers scan wrong hash slices (7.0.x
backport)
Bug #7428: tcp: GAP event set on unack'd data following a RST (7.0.x
backport)
Optimization #7088: applayer: track modified transactions to avoid walking
all live transactions (7.0.x backport)"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
lfs/suricata | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lfs/suricata b/lfs/suricata
index 2b05c3c54..56733125d 100644
--- a/lfs/suricata
+++ b/lfs/suricata
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 7.0.8
+VER = 7.0.9
THISAPP = suricata-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 8571a6368b90e18046cdcf71f53e1b59e895ea8fe2d8f996ef614a890b520671f5dcac10014555880e408060913df1dab4c473bf083e7c0451c6a4b93bedd047
+$(DL_FILE)_BLAKE2 = fe01a304b170cf210b3ad2c782c6a49798c67df5433498715101ba626548395a70793a50221390f6697d1aef2be1808ba430091dae097e350dd2a9c98677a61b
install : $(TARGET)
--
2.43.0
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-03-19 16:16 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-03-19 16:16 [PATCH 1/2] libhtp: Update to 0.5.50 Matthias Fischer
2025-03-19 16:16 ` [PATCH 2/2] suricata: Update to 7.0.9 Matthias Fischer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox