From: Peter Müller
To: development@lists.ipfire.org
Subject: [PATCH 2/2] Suricata: update to 5.0.3
Date: Tue, 28 Apr 2020 18:36:32 +0200

Release notes (https://suricata-ids.org/2020/04/28/suricata-5-0-3-released/, truncated):

This is the first release after Suricata joined the Oss-Fuzz program, leading to discovery of a number of (potential) security issues. We expect that in the coming months we’ll fix more such issues, as the fuzzers increase their coverage and we continue to improve the seed corpus.

Feature #3481: GRE ERSPAN Type 1 Support
Feature #3613: Teredo port configuration
Feature #3673: datasets: add ‘dataset-remove’ unix command
Bug #3240: Dataset hash-size or prealloc invalid value logging
Bug #3241: Dataset reputation invalid value logging
Bug #3342: Suricata 5.0 crashes while parsing SMB data
Bug #3450: signature with sticky buffer with subsequent pcre check in a different buffer loads but will never match
Bug #3491: Backport 5 BUG_ON(strcasecmp(str, “any”) in DetectAddressParseString
Bug #3507: rule parsing: memory leaks
Bug #3526: 5.0.x Kerberos vulnerable to TCP splitting evasion
Bug #3534: Skip over ERF_TYPE_META records
Bug #3552: file logging: complete files sometimes marked ‘TRUNCATED’
Bug #3571: rust: smb compile warnings
Bug #3573: TCP Fast Open – Bypass of stateless alerts
Bug #3574: Behavior for tcp fastopen
Bug #3576: Segfault when facing malformed SNMP rules
Bug #3577: SIP: Input not parsed when header values contain trailing spaces
Bug #3580: Faulty signature with two threshold keywords does not generate an error and never match
Bug #3582: random failures on sip and http-evader
suricata-verify tests
Bug #3585: htp: asan issue
Bug #3592: Segfault on SMTP TLS
Bug #3598: rules: memory leaks in pktvar keyword
Bug #3600: rules: bad address block leads to stack exhaustion
Bug #3602: rules: crash on ‘internal’-only keywords
Bug #3604: rules: missing ‘consumption’ of transforms before pkt_data would lead to crash
Bug #3606: rules: minor memory leak involving pcre_get_substring
Bug #3609: ssl/tls: ASAN issue in SSLv3ParseHandshakeType
Bug #3610: defrag: asan issue
Bug #3612: rules/bsize: memory issue during parsing
Bug #3614: build-info and configure wrongly display libnss status
Bug #3644: Invalid memory read on malformed rule with Lua script
Bug #3646: rules: memory leaks on failed rules
Bug #3649: CIDR Parsing Issue
Bug #3651: FTP response buffering against TCP stream
Bug #3653: Recursion stack-overflow in parsing YAML configuration
Bug #3660: Multiple DetectEngineReload and bad insertion into linked list lead to buffer overflow
Bug #3665: FTP: Incorrect ftp_memuse calculation.
Bug #3667: Signature with an IP range creates one IPOnlyCIDRItem by single IP address
Bug #3669: Rules reload with Napatech can hang Suricata UNIX manager process
Bug #3672: coverity: data directory handling issues
Bug #3674: Protocol detection evasion by packet splitting
Optimization #3406: filestore rules are loaded without warning when filestore is not enabled
Task #3478: libhtp 0.5.33
Task #3514: SMTP should place restraints on variable length items (e.g., filenames)
Documentation #3543: doc: add ipv4.hdr and ipv6.hdr

Bundled libhtp 0.5.33
Bundled Suricata-Update 1.1.2

Signed-off-by: Peter Müller
--- lfs/suricata | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/suricata b/lfs/suricata index fdff36ca6..9369500ac 100644 --- a/lfs/suricata +++ b/lfs/suricata @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 5.0.2 +VER =3D 5.0.3 =20 THISAPP =3D suricata-$(VER) DL_FILE =3D $(THISAPP).tar.gz 
@@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 28470c05f0f1d3eae2a0c7312c3eabc3 +$(DL_FILE)_MD5 =3D d302ae41735551e2e1198e965d452664 =20 install : $(TARGET) =20 --=20 2.16.4 --===============6912615559425698303==--
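Review bot: the second hunk replaces the `$(DL_FILE)_MD5` value, and that MD5 digest is the only integrity check on the downloaded tarball visible in this file. MD5 is not collision resistant, so it catches a corrupted download but is weak evidence against a deliberately substituted archive. The commit message should state how the new digest `d302ae41735551e2e1198e965d452664` was obtained (for example, computed over a tarball whose upstream signature was verified), and if the build system accepts a stronger digest next to `_MD5`, add it in this hunk.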