[Oisf-devel] [COMMIT] OISF annotated tag, suricata-1.4beta3, created. suricata-1.4beta3

noreply at openinfosecfoundation.org noreply at openinfosecfoundation.org
Wed Nov 14 17:18:07 UTC 2012 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The annotated tag, suricata-1.4beta3 has been created
        at  a8b38f79acbff466d71333cd6cea246045f3f159 (tag)
   tagging  8660877961a3942738f3361c56d75941e6f30ab9 (commit)
  replaces  suricata-1.4beta2
 tagged by  Victor Julien
        on  Wed Nov 14 18:17:18 2012 +0100

- Log -----------------------------------------------------------------
tag 1.4beta3 release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEABECAAYFAlCj0h4ACgkQiSMBBAuniMdGBACfaFXCgK/5A+10cBV8rqciGMoa
IYkAn3BCdipSzyp0WHwbOpcoo5LXTH9V
=9ZEi
-----END PGP SIGNATURE-----

Anoop Saldanha (14):
      Update suricata to use FlowReference/FlowDeReference for the ones left out
      Move Flow Reference/Dereferene api from flow-util.h to flow.h.
      Remove dead comment about flow reference api duplicate
      update client/server/http_header to use a different form of
      Engine cleanup.  Remove all old engine inspection and mpm functions.
      Change all inspect callbacks to accept TV and a tx_id param.
      New app inspection engine introduced.  Moved existing inspecting engines to use it.
      unittest to reveal a bug/segv in our hsbd buffering code.
      fix segv in hcbd and hsbd buffering.
      fix flow deadlock issue in detection engine state introduced by tx api.
      change default mpm to ac. Also default sgh-mpm-context is full.
      feature #558.
      fix wrong record hdr len check in ssl parser
      fix uninit var usage in hhd

Eric Leblond (32):
      suricata: list-keywords does not depend on unittest
      pf-ring: add counter for kernel drop and packets
      af-packet: dump counter every seconds.
      af-packet: fix possible infinite loop.
      stream.inline: add 'auto' mode
      OpenBSD: magic.mc path has changed in OpenBSD 5.1
      OpenBSD: no support for profiling
      pf_ring: don't set cluster for DNA interface.
      pf-ring: fix build
      nfq: suppress non loop receive function
      ipfw: suppress non loop receive function
      build: error on implicit function declaration
      gcc: construct use for warning was too recent.
      yaml: document the threads setting in pcap section.
      pcap: ref config according to threads count
      suricata: add run-as.user and run-as.group yaml var
      configure: differentiate gcc and clang options
      configure: improve march=native detection
      configure: fix small typo.
      suricata: change dir to / in daemon mode.
      suricata: avoid concurrent run in daemon mode
      suricata: add daemon-directory config variable
      coccinelle: add new correct case to error treatment
      coccinelle: improve run_check
      napatech: treat malloc error
      backport oom fixes
      coccinelle: fix distcheck
      pcap: add capture counters in stats.log.
      suricata: display PID file name in case of error.
      suricata: don't exit if pidfile can't be created
      install: create state dir with install-conf
      logging: add warning if no output module is selected

Matt Keeler (3):
      Napatech 3GD Support
      Remove Napatech 2GD support
      Refactor Napatech 3GD to just Napatech as Suricata is only going to support 3GD.

Victor Julien (49):
      For signatures with the dsize option set depth on any content match in that sig.
      Add dsize check to prefilter stage
      profiling: fix rule profiling output sometimes missing sid,rev,gid. Bug #576.
      yaml: default to cluster_flow type for AF_PACKET and PF_RING
      Fix/suppress a couple of harmless compiler warnings.
      libhtp: don't use internal iterator
      stream: add option to match on overlapping data
      stream: don't reject RST as response to SYN because of ACK
      stream: go from FIN_WAIT_1 to CLOSING on simultaneous close.
      stream: handle retransmission of lost data packet on TIME_WAIT state
      stream: ignore ack value if ack flag is not set. Add stream.pkt_broken_ack event for when ack value is not 0 and ack flag not set.
      stream: detect keep-alive packets so we don't consider those invalid
      stream: don't flag zero window probe packets as out of window. Bug #604.
      stream: detect retransmissions on closewait and finwait2 states
      stream: disable retransmission packet before last ack sig as it is fairly common in regular traffic
      stream: accept ack with next_seq + 1 on last_ack state
      stream: detect retransmissions on timewait state
      stream: fix retransmission on closewait being considered out of window
      stream: change how retransmissions are handled and detected.
      http: allow configuration of request and response body inspection limits. Issue #560.
      http: now that htp_state has a cfg reference, use it for body limits
      http: fix http header reassembly bug causing some headers to be left out of the inspected buffer
      luajit: suppress compiler warning
      magic: add test showing payload resulting in libmagic invalid read as reported by valgrind.
      Bug 585: use per detect thread libmagic ctx
      Fix drop (and other actions) not being applied to thresholded packets. Bug #613.
      http: fix client and server body sometimes being inspected in wrong order
      filestore: fix a case where a matching non-filestore sig could trigger the store of a partially matching filestore sig.
      Remove pcre jit warning. Bug #579.
      filestore: fix logic flag in continued stateful detection
      Don't use SCStrdup in SCLogMessage as we call it on OOM condition, leading to endless recursion. SCStrdup failure calling SCLogMessage...
      http: don't assume http tx to have header alloc'd. Can happen in OOM conditions. Bug #587.
      libhtp: harden code against malloc failures. Bug #587.
      flow: fix crash when flow engine under extreme stress, and unable to force free any existing flow
      Fix GetUsed functions for Host, Flow and Defrag.
      Silence compiler warning if napatech3 support is disabled
      OpenBSD 5.2 build fixes, Unit test fix.
      Remove unnecessary debug message
      minor misc changes: update htp ver, add htp ver to --build-info, clean up
      build cleanups
      build cleanup, build source files in alphabetical order
      configure formatting fixes
      build: more checking for includes
      pkt-data: don't compile unittest unless unittests are enabled
      byte_jump: when from_beginning option is used, the number of bytes to convert should not be used in the jump. Bug 627.
      Add contrib dir and it's content to the dist. Bug 567
      libhtp: updated bundled libhtp to 0.2.11
      Update changelog to reflect 1.4beta3 changes.
      undo setting exact version in configure.ac

Xavier Lange (1):
      Keyword pkt_data

-----------------------------------------------------------------------


hooks/post-receive
-- 
OISF

More information about the Oisf-devel mailing list