[Oisf-devel] [COMMIT] OISF branch, master-1.4.x, updated. suricata-1.4.5-35-g0d34069

noreply at openinfosecfoundation.org noreply at openinfosecfoundation.org
Tue Sep 24 11:04:23 UTC 2013 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master-1.4.x has been updated
       via  0d340690cd4cc3d2bfa1bf145553b272a9ceb1b2 (commit)
       via  70c535220ebcfa111cb1878b658b8dbe302b380d (commit)
       via  b7f6f9724595e7f595c3cc4fc9fa4d3d0839e122 (commit)
      from  3cf65fe72aa522a4d504b057523e82d6049b3385 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 0d340690cd4cc3d2bfa1bf145553b272a9ceb1b2
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Sep 24 12:27:56 2013 +0200

    Update changelog for 1.4.6

commit 70c535220ebcfa111cb1878b658b8dbe302b380d
Author: Anoop Saldanha <anoopsaldanha at gmail.com>
Date:   Tue Sep 24 11:31:37 2013 +0530

    Add decoder event rule for tls event "invalid_ssl_record", which will now be available "app-layer-event:tls.invalid_ssl_record".

commit b7f6f9724595e7f595c3cc4fc9fa4d3d0839e122
Author: Anoop Saldanha <anoopsaldanha at gmail.com>
Date:   Fri Sep 13 19:57:29 2013 +0530

    bug #955 - Fix SSL parsing issue.
    
    The parser wasn't carrying out a bounds check on record length while
    in the middle of parsing a handshake.  As a result we would step onto the
    next record header and consider it a part of the current handshake.
    
    - Contains an unittest to test the issue.
    - Disable the duplicate parser unittest registration.
    
    The issue came to light through an irregular ssl record, which was
    reported by Sebastian Roschke, via CVE-2013-5919.
    
    Thanks to Sebastian Roschke for reporting this issue.

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog              |   10 +
 rules/tls-events.rules |    3 +-
 src/app-layer-ssl.c    |  469 ++++++++++++++++++++++++++++++++++++++++++++++--
 src/app-layer-ssl.h    |    1 +
 4 files changed, 470 insertions(+), 13 deletions(-)


hooks/post-receive
-- 
OISF

More information about the Oisf-devel mailing list