From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH 2/2] Suricata: update to 5.0.3
Date: Wed, 29 Apr 2020 11:31:15 +0100 [thread overview]
Message-ID: <AB8D7727-B8EA-4398-A465-8B5D135F774F@ipfire.org> (raw)
In-Reply-To: <e434a254-ad43-870f-4b5c-6bd90c5e46f2@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 4258 bytes --]
Acked-by: Michael Tremer <michael.tremer(a)ipfire.org>
> On 28 Apr 2020, at 17:36, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>
> Release notes (https://suricata-ids.org/2020/04/28/suricata-5-0-3-released/, truncated):
>
> This is the first release after Suricata joined the Oss-Fuzz program, leading to
> discovery of a number of (potential) security issues. We expect that in the coming
> months we’ll fix more such issues, as the fuzzers increase their coverage and we
> continue to improve the seed corpus.
>
> Feature #3481: GRE ERSPAN Type 1 Support
> Feature #3613: Teredo port configuration
> Feature #3673: datasets: add ‘dataset-remove’ unix command
> Bug #3240: Dataset hash-size or prealloc invalid value logging
> Bug #3241: Dataset reputation invalid value logging
> Bug #3342: Suricata 5.0 crashes while parsing SMB data
> Bug #3450: signature with sticky buffer with subsequent pcre check in a different buffer loads but will never match
> Bug #3491: Backport 5 BUG_ON(strcasecmp(str, “any”) in DetectAddressParseString
> Bug #3507: rule parsing: memory leaks
> Bug #3526: 5.0.x Kerberos vulnerable to TCP splitting evasion
> Bug #3534: Skip over ERF_TYPE_META records
> Bug #3552: file logging: complete files sometimes marked ‘TRUNCATED’
> Bug #3571: rust: smb compile warnings
> Bug #3573: TCP Fast Open – Bypass of stateless alerts
> Bug #3574: Behavior for tcp fastopen
> Bug #3576: Segfault when facing malformed SNMP rules
> Bug #3577: SIP: Input not parsed when header values contain trailing spaces
> Bug #3580: Faulty signature with two threshold keywords does not generate an error and never match
> Bug #3582: random failures on sip and http-evader suricata-verify tests
> Bug #3585: htp: asan issue
> Bug #3592: Segfault on SMTP TLS
> Bug #3598: rules: memory leaks in pktvar keyword
> Bug #3600: rules: bad address block leads to stack exhaustion
> Bug #3602: rules: crash on ‘internal’-only keywords
> Bug #3604: rules: missing ‘consumption’ of transforms before pkt_data would lead to crash
> Bug #3606: rules: minor memory leak involving pcre_get_substring
> Bug #3609: ssl/tls: ASAN issue in SSLv3ParseHandshakeType
> Bug #3610: defrag: asan issue
> Bug #3612: rules/bsize: memory issue during parsing
> Bug #3614: build-info and configure wrongly display libnss status
> Bug #3644: Invalid memory read on malformed rule with Lua script
> Bug #3646: rules: memory leaks on failed rules
> Bug #3649: CIDR Parsing Issue
> Bug #3651: FTP response buffering against TCP stream
> Bug #3653: Recursion stack-overflow in parsing YAML configuration
> Bug #3660: Multiple DetectEngineReload and bad insertion into linked list lead to buffer overflow
> Bug #3665: FTP: Incorrect ftp_memuse calculation.
> Bug #3667: Signature with an IP range creates one IPOnlyCIDRItem by signe IP address
> Bug #3669: Rules reload with Napatech can hang Suricata UNIX manager process
> Bug #3672: coverity: data directory handling issues
> Bug #3674: Protocol detection evasion by packet splitting
> Optimization #3406: filestore rules are loaded without warning when filestore is not enabled
> Task #3478: libhtp 0.5.33
> Task #3514: SMTP should place restraints on variable length items (e.g., filenames)
> Documentation #3543: doc: add ipv4.hdr and ipv6.hdr
> Bundled libhtp 0.5.33
> Bundled Suricata-Update 1.1.2
>
> Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
> ---
> lfs/suricata | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lfs/suricata b/lfs/suricata
> index fdff36ca6..9369500ac 100644
> --- a/lfs/suricata
> +++ b/lfs/suricata
> @@ -24,7 +24,7 @@
>
> include Config
>
> -VER = 5.0.2
> +VER = 5.0.3
>
> THISAPP = suricata-$(VER)
> DL_FILE = $(THISAPP).tar.gz
> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>
> -$(DL_FILE)_MD5 = 28470c05f0f1d3eae2a0c7312c3eabc3
> +$(DL_FILE)_MD5 = d302ae41735551e2e1198e965d452664
>
> install : $(TARGET)
>
> --
> 2.16.4
next prev parent reply other threads:[~2020-04-29 10:31 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-28 16:35 [PATCH 1/2] libhtp: update to 0.5.33 Peter Müller
2020-04-28 16:36 ` [PATCH 2/2] Suricata: update to 5.0.3 Peter Müller
2020-04-29 10:31 ` Michael Tremer [this message]
2020-04-29 10:31 ` [PATCH 1/2] libhtp: update to 0.5.33 Michael Tremer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=AB8D7727-B8EA-4398-A465-8B5D135F774F@ipfire.org \
--to=michael.tremer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox