Excerpt from changelog:
"6.0.11 -- 2023-04-13
Security #5947: byte_math: Division by zero possible. (6.0.x backport) Bug #5970: detect: reload can stall if flow housekeeping takes too long (6.0.x backport) Bug #5967: flowworker: Assertion in CheckWorkQueue (6.0.x backport) Bug #5953: http: multipart data is not filled up to request.body-limit (6.0.x backport) Bug #5951: detect: multi-tenancy crash (6.0.x backport) Bug #5950: http2: quadratic complexity when reducing dynamic headers table size (6.0.x backport) Bug #5949: smtp: quadratic complexity for tx iterator with linked list (6.0.x backport) Bug #5948: fast_pattern assignment of specific content in combination with urilen results in FN (6.0.x backport) Bug #5946: flow/manager: fix unhandled division by 0 (prealloc: 0) (6.0.x backport) Bug #5942: exception/policy: flow action doesn't fall back to packet action when there's no flow (6.0.x backports) Bug #5933: smb: tx logs sometimes have duplicate `tree_id` output (6.0.x backport) Bug #5932: rfb/eve: depth in pixel format logged twice (6.0.x backport) Bug #5906: dns: unused events field can overflow as an integer Bug #5903: UBSAN: undefined shift in DetectByteMathDoMatch (6.0.x backport) Bug #5899: smb: no consistency check between NBSS length and length field for some SMB operations (6.0.x backport) Bug #5898: smb: possible evasion with trailing nbss data (6.0.x backport) Bug #5896: base64_decode not populating up to an invalid character (6.0.x backport) Bug #5895: stream: connections time out too early (6.0.x backport) Bug #5889: stream: SYN/ACK timestamp checking blocks valid traffic (6.0.x backport) Bug #5888: false-positive drop event_types possible on passed packets (6.0.x backport) Bug #5887: stream: overlap with different data false positive (6.0.x backport) Bug #5886: mime: debug assertion on fuzz input (6.0.x backport) Bug #5879: netmap: Module registration displays whether info about new API usage Bug #5863: netmap: packet stalls (6.0.x backport) Bug #5854: SMTP does not handle LF post line limit properly (6.0.x backport) Bug #5852: tcp/stream: session reuse on tcp flows w/o sessions (6.0.x backport) Feature #5853: yaml: set suricata version in generated config (6.0.x backport) Task #5985: libhtp 0.5.43 (6.0.x backport)"
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org --- lfs/suricata | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lfs/suricata b/lfs/suricata index 98710d9e2..75698b0b1 100644 --- a/lfs/suricata +++ b/lfs/suricata @@ -24,7 +24,7 @@
include Config
-VER = 6.0.10 +VER = 6.0.11
THISAPP = suricata-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = a2b334c0139ead0b914ba6039c116ebad30dd3b5c0d4bb751f608af83e1487a67b96224ffe61635468dc49a9e44f03a76facf2af66582ba18e364f233029b532 +$(DL_FILE)_BLAKE2 = 41b37168e6c50b32971ad8c0541f3bc1981152c8360bbfc261a9abab5dc229425bef92fe19db5d0ec7cf32abff71acca62934c411aea79f5c8f9b38bd6422ee4
install : $(TARGET)
For details see: https://github.com/OISF/libhtp/releases/tag/0.5.43
"htp: do not log content-encoding: none htp: do not error on multiple 100 Continue readme: remove note on libhtp not being stable uri: fix compile warning strict-prototypes bstr: fix compile warning strict-prototypes fuzz_diff: Free the rust test object. github: add CIFuzz workflow"
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org --- lfs/libhtp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lfs/libhtp b/lfs/libhtp index 80963c013..0b6015cde 100644 --- a/lfs/libhtp +++ b/lfs/libhtp @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2023 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 0.5.42 +VER = 0.5.43
THISAPP = libhtp-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 8e1446992c40c2c2e9e7dd096803752245eebf3b5e48e0215430dbfe225ae029b2e01fadca61bdd994b534a0ed140b0a0149aa9a0dde64409ebf0afdd2bf6fd7 +$(DL_FILE)_BLAKE2 = 071cadc254b7af55bf410db5689429ca7588005b2f74fbd8468f2d6eeaf00c55ae99e8dd78552a5bf11ace5c8047b28a844db343937827a428b6d8b8d9036d29
install : $(TARGET)
-
Matthias Fischer