[Discussion] Suricata 2.0.2 Available!

Victor Julien victor at inliniac.net
Wed Jun 25 16:36:04 UTC 2014


The OISF development team is proud to announce Suricata 2.0.2. This
release fixes a number of issues in the 2.0 series.

Get the new release here:
http://www.openinfosecfoundation.org/download/suricata-2.0.2.tar.gz

Notable changes

- IP defrag issue leading to evasion. Bug discovered by Antonios Atlasis
working with ERNW GmbH
- Support for NFLOG as a capture method. Nice work by Giuseppe Longo
- DNS TXT parsing and logging. Funded by Emerging Threats
- Log rotation through SIGHUP. Created by Jason Ish of Endace/Emulex

All closed tickets

- Feature #781: IDS using NFLOG iptables target
- Feature #1158: Parser DNS TXT data parsing and logging
- Feature #1197: liblua support
- Feature #1200: sighup for log rotation
- Bug #1098: http_raw_uri with relative pcre parsing issue
- Bug #1175: unix socket: valgrind warning
- Bug #1189: abort() in 2.0dev (rev 6fbb955) with pf_ring 5.6.3
- Bug #1195: nflog: cppcheck reports memleaks
- Bug #1206: ZC pf_ring not working with Suricata 2.0.1 (or latest git)
- Bug #1211: defrag issue
- Bug #1212: core dump (after a while) when
app-layer.protocols.http.enabled = yes
- Bug #1214: Global Thresholds (sig_id 0, gid_id 0) not applied
correctly if a signature has event vars
- Bug #1217: Segfault in unix-manager.c line 529 when using
--unix-socket and sending pcap files to be analized via socket

Special thanks

We'd like to thank the following people and corporations for their
contributions and feedback:

- Ken Steele -- Tilera
- Jason Ish -- Endace/Emulex
- Tom Decanio -- nPulse
- Antonios Atlasis working with ERNW GmbH
- Alessandro Guido
- Mats Klepsland
- @rmkml
- Luigi Sandon
- Christie Bunlon
- @42wim
- Jeka Pats
- Noam Meltzer
- Ivan Ristic

Known issues & missing features

If you encounter issues, please let us know! As always, we are doing our
best to make you aware of continuing development and items within the
engine that are not yet complete or optimal. With this in mind, please
notice the list we have included of known items we are working on. See
http://redmine.openinfosecfoundation.org/projects/suricata/issues for an
up to date list and to report new issues. See
http://redmine.openinfosecfoundation.org/projects/suricata/wiki/Known_issues
for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security
Monitoring engine. Open Source and owned by a community run non-profit
foundation, the Open Information Security Foundation (OISF). Suricata is
developed by the OISF, its supporting vendors and the community.
-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------



More information about the Discussion mailing list