[Discussion] Suricata 1.3.1 Available!
Victor Julien
victor at inliniac.net
Tue Aug 21 07:46:17 UTC 2012
The OISF development team is pleased to announce Suricata 1.3.1. This is
the first maintenance release of Suricata 1.3 with some important fixes.
As a bonus AF_PACKET's performance was greatly improved.
Because of the fixes below, upgrading is highly recommended. When
upgrading, please review:
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Upgrading_Suricata_13_to_Suricata_131
Download:
http://www.openinfosecfoundation.org/download/suricata-1.3.1.tar.gz
Improvements
- AF_PACKET performance improvements
- Defrag engine performance improvements
- HTTP: add per server options to enable/disable double decoding of URI
(#464, #504)
Fixes
- Stream engine packet handling for packets with non-standard flag
combinations (#508)
- Improved stream engine handling of packet loss (#523)
- Stream engine checksum alerting fixed
- Various rule analyzer fixes (#495, #496, #497)
- (Rule) profiling fixed and improved (#460, #466)
- Enforce limit on max-pending-packets (#510)
- fast_pattern on negated content improved
- TLS rule keyword parsing issues
- Windows build fixes (#502)
- Host OS parsing issues fixed (#499)
- Reject signatures where content length is bigger than "depth" setting
(#505)
- Removed unused "prune-flows" option
- Set main thread and live reload thread names (#498)
Known issues & missing features
If you encounter issues, please let us know! As always, we are doing our
best to make you aware of continuing development and items within the
engine that are not yet complete or optimal. With this in mind, please
notice the list we have included of known items we are working on.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Discussion
mailing list