[Discussion] Suricata 2.0.1 Available!

Victor Julien victor at inliniac.net
Wed May 21 10:12:14 UTC 2014


The OISF development team is proud to announce Suricata 2.0.1. This
release brings TLS Heartbleed detection and fixes a number of issues in
the 2.0 release. There were no changes since 2.0.1rc1.

Get the new release here:
http://www.openinfosecfoundation.org/download/suricata-2.0.1.tar.gz

Notable changes

- OpenSSL Heartbleed detection. Thanks to Pierre Chifflier and Will Metcalf.
- Fixed Unix Socket runmode
- Fixed AF_PACKET IPS support

All closed tickets

- Feature #1157: Always create pid file if --pidfile command line option
is provided.
- Feature #1173: tls: OpenSSL heartbleed detection
- Bug #978: clean up app layer parser thread local storage
- Bug #1064: Lack of Thread Deinitialization For Decoder Modules
- Bug #1101: Segmentation in AppLayerParserGetTxCnt
- Bug #1136: negated app-layer-protocol FP on multi-TX flows
- Bug #1141: dns response parsing issue
- Bug #1142: dns tcp toclient protocol detection
- Bug #1143: tls protocol detection in case of tls-alert
- Bug #1144: icmpv6: unknown type events for MLD_* types
- Bug #1145: ipv6: support PAD1 in DST/HOP extension hdr
- Bug #1146: tls: event on 'new session ticket' in handshake
- Bug #1159: Possible memory exhaustion when an invalid bpf-filter is
used with AF_PACKET
- Bug #1160: Pcaps submitted via Unix Socket do not finish processing in
Suricata 2
- Bug #1161: eve: src and dst mixed up in some cases
- Bug #1162: proto-detect: make sure probing parsers for all registered
ports are run
- Bug #1163: HTP Segfault
- Bug #1165: af_packet - one thread consistently not working
- Bug #1170: rohash: CID 1197756: Bad bit shift operation (BAD_SHIFT)
- Bug #1176: AF_PACKET IPS mode is broken in 2.0
- Bug #1177: eve log do not show action 'dropped' just 'allowed'
- Bug #1180: Possible problem in stream tracking

Special thanks

We'd like to thank the following people and corporations for their
contributions and feedback:

- Ken Steele -- Tilera
- Jason Ish -- Endace/Emulex
- Tom Decanio -- nPulse
- Pierre Chifflier
- Will Metcalf
- Duarte Silva
- Brad Roether
- Christophe Vandeplas
- Jason Jones
- Jorgen Bohnsdalen
- Fábio Depin
- Gines Lopez
- Coverity

Known issues & missing features

If you encounter issues, please let us know! As always, we are doing our
best to make you aware of continuing development and items within the
engine that are not yet complete or optimal. With this in mind, please
notice the list we have included of known items we are working on. See
http://redmine.openinfosecfoundation.org/projects/suricata/issues for an
up to date list and to report new issues. See
http://redmine.openinfosecfoundation.org/projects/suricata/wiki/Known_issues
for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security
Monitoring engine. Open Source and owned by a community run non-profit
foundation, the Open Information Security Foundation (OISF). Suricata is
developed by the OISF, its supporting vendors and the community.
-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------



More information about the Discussion mailing list