From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4bn6jK28MBz330j for ; Wed, 23 Jul 2025 08:28:37 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4bn6jF5GzVz2xPP for ; Wed, 23 Jul 2025 08:28:33 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4bn6jD5MBmz2kd; Wed, 23 Jul 2025 08:28:32 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1753259312; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ApnG1obAv5HA5QAuwvJDIovTvTbnIeMs/yTT0XtUaaE=; b=589pOGlHgVQAHdBmKDS+K+Djq6I1u04ejRQYxpL/RIkcUE77ulP8CkhISD912mxd4rh5wZ N5vHAmqVT6U/3JAg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1753259312; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ApnG1obAv5HA5QAuwvJDIovTvTbnIeMs/yTT0XtUaaE=; b=JOfuKI+KEKNHh5Li5iz2pPScdFp4HNRFTqr7OlJ9gV7lmMtMrk0gS6ZBR3Otktv+WC0kLQ ClTtkRMPJaaPyVZWasK3L1UUn3m0DYk7SiYofxFCWKvE9IOYcPYZT43kYJ1GIQEWHlQYn3 P5/H5lhqr3b+aRFB3WyoSt8UmPfCL9PUKSP3KfhzD88tYQZISeUqOuB2SUNzPFT7nqM5Nr M+WhxVGToIaYavdXl7f2rUCX1f+auAdjHQmV1dlCANBIF/JuFJ9fcxFkcRjr8CJ9nJ5EPX BKKm/qKF0TxfW7KJzwRq9RdqO6P662A/oCMZXbeAItV6IsqT2ndf4o4dc7j/Ow== Content-Type: text/plain; charset=utf-8 Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: Mime-Version: 1.0 Subject: Re: suricata-8.0.0 From: Michael Tremer In-Reply-To: <4b93045a-b504-4092-a5b0-de5d5107abb7@ipfire.org> Date: Wed, 23 Jul 2025 09:28:31 +0100 Cc: "IPFire: Development-List" Content-Transfer-Encoding: quoted-printable Message-Id: <2156A7A0-E07E-47F5-91AD-FFE30D9C2B24@ipfire.org> References: <83782aac-0d2e-40e9-acc3-8f6105873821@ipfire.org> <9B5F3290-83D1-49B8-AFB0-397276852EFD@ipfire.org> <4b93045a-b504-4092-a5b0-de5d5107abb7@ipfire.org> To: Adolf Belka Thank you! > On 22 Jul 2025, at 18:01, Adolf Belka wrote: >=20 >=20 >=20 > On 22/07/2025 17:56, Michael Tremer wrote: >> If we want to create a big IPS update, there is a new release of = vector scan available, too: >> = https://github.com/VectorCamp/vectorscan/releases/tag/vectorscan%2F5.4.12 >=20 > I will submit a patch for this. >=20 >> -Michael >>> On 22 Jul 2025, at 16:54, Michael Tremer = wrote: >>>=20 >>> Hello Adolf, >>>=20 >>> This is great news. >>>=20 >>> Regarding to where this is going, I don=E2=80=99t know=E2=80=A6 >>>=20 >>> Generally I would say we should release as early as possible. = However, the bottleneck that we currently have is that there is very = limited test feedback. Since we already have OpenVPN in the next = release, I would agree that this might be enough. >>>=20 >>> You can submit the patch no matter what and we can decide where to = merge it later. >=20 > patch has been submitted. >=20 > Regards, >=20 > Adolf. >=20 >>>=20 >>> -Michael >>>=20 >>>> On 22 Jul 2025, at 16:52, Adolf Belka = wrote: >>>>=20 >>>> Hi all, >>>>=20 >>>> I have done a patch submission for suricata-7.0.11 as there were a = couple of CVE fixes for that. >>>>=20 >>>> However suricata-8.0.0 has been released. I have built it and = installed it and confirmed that it is working as expected and that = testing it with an alert blocked the traffic access and logged the = information. >>>>=20 >>>> The question I have is should I submit a patch to update suricata = to 8.0.0 in CU197 or wait for next to become CU198? >>>>=20 >>>> Regards, >>>>=20 >>>> Adolf.