public inbox for development@lists.ipfire.org
 help / color / mirror / Atom feed
* suricata-8.0.0
@ 2025-07-22 15:52 Adolf Belka
  2025-07-22 15:54 ` suricata-8.0.0 Michael Tremer
  0 siblings, 1 reply; 5+ messages in thread
From: Adolf Belka @ 2025-07-22 15:52 UTC (permalink / raw)
  To: IPFire: Development-List

Hi all,

I have done a patch submission for suricata-7.0.11 as there were a couple of CVE fixes for that.

However suricata-8.0.0 has been released. I have built it and installed it and confirmed that it is working as expected and that testing it with an alert blocked the traffic access and logged the information.

The question I have is should I submit a patch to update suricata to 8.0.0 in CU197 or wait for next to become CU198?

Regards,

Adolf.


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: suricata-8.0.0
  2025-07-22 15:52 suricata-8.0.0 Adolf Belka
@ 2025-07-22 15:54 ` Michael Tremer
  2025-07-22 15:56   ` suricata-8.0.0 Michael Tremer
  0 siblings, 1 reply; 5+ messages in thread
From: Michael Tremer @ 2025-07-22 15:54 UTC (permalink / raw)
  To: Adolf Belka; +Cc: IPFire: Development-List

Hello Adolf,

This is great news.

Regarding to where this is going, I don’t know…

Generally I would say we should release as early as possible. However, the bottleneck that we currently have is that there is very limited test feedback. Since we already have OpenVPN in the next release, I would agree that this might be enough.

You can submit the patch no matter what and we can decide where to merge it later.

-Michael

> On 22 Jul 2025, at 16:52, Adolf Belka <adolf.belka@ipfire.org> wrote:
> 
> Hi all,
> 
> I have done a patch submission for suricata-7.0.11 as there were a couple of CVE fixes for that.
> 
> However suricata-8.0.0 has been released. I have built it and installed it and confirmed that it is working as expected and that testing it with an alert blocked the traffic access and logged the information.
> 
> The question I have is should I submit a patch to update suricata to 8.0.0 in CU197 or wait for next to become CU198?
> 
> Regards,
> 
> Adolf.
> 



^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: suricata-8.0.0
  2025-07-22 15:54 ` suricata-8.0.0 Michael Tremer
@ 2025-07-22 15:56   ` Michael Tremer
  2025-07-22 17:01     ` suricata-8.0.0 Adolf Belka
  0 siblings, 1 reply; 5+ messages in thread
From: Michael Tremer @ 2025-07-22 15:56 UTC (permalink / raw)
  To: Adolf Belka; +Cc: IPFire: Development-List

If we want to create a big IPS update, there is a new release of vector scan available, too:

  https://github.com/VectorCamp/vectorscan/releases/tag/vectorscan%2F5.4.12

-Michael

> On 22 Jul 2025, at 16:54, Michael Tremer <michael.tremer@ipfire.org> wrote:
> 
> Hello Adolf,
> 
> This is great news.
> 
> Regarding to where this is going, I don’t know…
> 
> Generally I would say we should release as early as possible. However, the bottleneck that we currently have is that there is very limited test feedback. Since we already have OpenVPN in the next release, I would agree that this might be enough.
> 
> You can submit the patch no matter what and we can decide where to merge it later.
> 
> -Michael
> 
>> On 22 Jul 2025, at 16:52, Adolf Belka <adolf.belka@ipfire.org> wrote:
>> 
>> Hi all,
>> 
>> I have done a patch submission for suricata-7.0.11 as there were a couple of CVE fixes for that.
>> 
>> However suricata-8.0.0 has been released. I have built it and installed it and confirmed that it is working as expected and that testing it with an alert blocked the traffic access and logged the information.
>> 
>> The question I have is should I submit a patch to update suricata to 8.0.0 in CU197 or wait for next to become CU198?
>> 
>> Regards,
>> 
>> Adolf.
>> 
> 



^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: suricata-8.0.0
  2025-07-22 15:56   ` suricata-8.0.0 Michael Tremer
@ 2025-07-22 17:01     ` Adolf Belka
  2025-07-23  8:28       ` suricata-8.0.0 Michael Tremer
  0 siblings, 1 reply; 5+ messages in thread
From: Adolf Belka @ 2025-07-22 17:01 UTC (permalink / raw)
  To: Michael Tremer; +Cc: IPFire: Development-List



On 22/07/2025 17:56, Michael Tremer wrote:
> If we want to create a big IPS update, there is a new release of vector scan available, too:
> 
>    https://github.com/VectorCamp/vectorscan/releases/tag/vectorscan%2F5.4.12

I will submit a patch for this.

> 
> -Michael
> 
>> On 22 Jul 2025, at 16:54, Michael Tremer <michael.tremer@ipfire.org> wrote:
>>
>> Hello Adolf,
>>
>> This is great news.
>>
>> Regarding to where this is going, I don’t know…
>>
>> Generally I would say we should release as early as possible. However, the bottleneck that we currently have is that there is very limited test feedback. Since we already have OpenVPN in the next release, I would agree that this might be enough.
>>
>> You can submit the patch no matter what and we can decide where to merge it later.

patch has been submitted.

Regards,

Adolf.

>>
>> -Michael
>>
>>> On 22 Jul 2025, at 16:52, Adolf Belka <adolf.belka@ipfire.org> wrote:
>>>
>>> Hi all,
>>>
>>> I have done a patch submission for suricata-7.0.11 as there were a couple of CVE fixes for that.
>>>
>>> However suricata-8.0.0 has been released. I have built it and installed it and confirmed that it is working as expected and that testing it with an alert blocked the traffic access and logged the information.
>>>
>>> The question I have is should I submit a patch to update suricata to 8.0.0 in CU197 or wait for next to become CU198?
>>>
>>> Regards,
>>>
>>> Adolf.
>>>
>>
> 
> 



^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: suricata-8.0.0
  2025-07-22 17:01     ` suricata-8.0.0 Adolf Belka
@ 2025-07-23  8:28       ` Michael Tremer
  0 siblings, 0 replies; 5+ messages in thread
From: Michael Tremer @ 2025-07-23  8:28 UTC (permalink / raw)
  To: Adolf Belka; +Cc: IPFire: Development-List

Thank you!

> On 22 Jul 2025, at 18:01, Adolf Belka <adolf.belka@ipfire.org> wrote:
> 
> 
> 
> On 22/07/2025 17:56, Michael Tremer wrote:
>> If we want to create a big IPS update, there is a new release of vector scan available, too:
>>   https://github.com/VectorCamp/vectorscan/releases/tag/vectorscan%2F5.4.12
> 
> I will submit a patch for this.
> 
>> -Michael
>>> On 22 Jul 2025, at 16:54, Michael Tremer <michael.tremer@ipfire.org> wrote:
>>> 
>>> Hello Adolf,
>>> 
>>> This is great news.
>>> 
>>> Regarding to where this is going, I don’t know…
>>> 
>>> Generally I would say we should release as early as possible. However, the bottleneck that we currently have is that there is very limited test feedback. Since we already have OpenVPN in the next release, I would agree that this might be enough.
>>> 
>>> You can submit the patch no matter what and we can decide where to merge it later.
> 
> patch has been submitted.
> 
> Regards,
> 
> Adolf.
> 
>>> 
>>> -Michael
>>> 
>>>> On 22 Jul 2025, at 16:52, Adolf Belka <adolf.belka@ipfire.org> wrote:
>>>> 
>>>> Hi all,
>>>> 
>>>> I have done a patch submission for suricata-7.0.11 as there were a couple of CVE fixes for that.
>>>> 
>>>> However suricata-8.0.0 has been released. I have built it and installed it and confirmed that it is working as expected and that testing it with an alert blocked the traffic access and logged the information.
>>>> 
>>>> The question I have is should I submit a patch to update suricata to 8.0.0 in CU197 or wait for next to become CU198?
>>>> 
>>>> Regards,
>>>> 
>>>> Adolf.




^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2025-07-23  8:28 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-07-22 15:52 suricata-8.0.0 Adolf Belka
2025-07-22 15:54 ` suricata-8.0.0 Michael Tremer
2025-07-22 15:56   ` suricata-8.0.0 Michael Tremer
2025-07-22 17:01     ` suricata-8.0.0 Adolf Belka
2025-07-23  8:28       ` suricata-8.0.0 Michael Tremer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox