
Update suricata to 4.1.3
Closed, Public

Authored by kyrios123 on Mar 10 2019, 9:54 AM.

Details

Summary
  • when stats info dumping in redis, the decoder.ipv4.trunc_pkt can’t output. In the same time, in the stats.log this can output
  • rule reload with workers mode and NFQUEUE not working stable
  • Include ebpf files in distributed sources
  • SSLv3 – AddressSanitizer heap-buffer-overflow
  • TCP FIN/ACK, RST/ACK in HTTP – detection bypass
  • afpacket doesn’t wait for all capture threads to start
  • dns v1/2 with rust results in less app layer data available in the alert record (for dns related alerts/rules) (4.1.x)
  • netmap/afpacket IPS: stream.inline: auto broken
  • configure.ac: broken --{enable,disable}-xxx options (4.1.x)
  • IPS mode crash under load
  • pcre related FP in HTTP inspection (4.1.x)
  • Suricata rule sid:2224005 SURICATA IKEv2 weak cryptographic parameters (Diffie-Hellman) does not work (4.1.x)

Signed-off-by: Pierre-Yves <pyu@riseup.net>

Test Plan

Successfully executed sudo suricata -c /etc/suricata/suricata.yaml -i enp0s3

Diff Detail

Repository
R2980 suricata
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.
kyrios123 created this revision. Mar 10 2019, 9:54 AM
kyrios123 requested review of this revision. Mar 10 2019, 9:54 AM
JoshStrobl accepted this revision. Mar 11 2019, 6:57 PM
This revision is now accepted and ready to land. Mar 11 2019, 6:57 PM
This revision was automatically updated to reflect the committed changes.