[Oisf-announce] Suricata 2.0.1rc1 Available!

Mon May 12 14:01:03 UTC 2014

The OISF development team is proud to announce Suricata 2.0.1rc1, the
first (and hopefully only) release candidate for Suricata 2.0.1. This
brings TLS Heartbleed detection and fixes a number of issues in the 2.0
release.

Get the new release here:
http://www.openinfosecfoundation.org/download/suricata-2.0.1rc1.tar.gz

Notable changes

- OpenSSL Heartbleed detection. Thanks to Pierre Chifflier and Will Metcalf.
- Fixed Unix Socket runmode
- Fixed AF_PACKET IPS support

All closed tickets

- Feature #1157: Always create pid file if --pidfile command line option
is provided.
- Feature #1173: tls: OpenSSL heartbleed detection
- Bug #978: clean up app layer parser thread local storage
- Bug #1064: Lack of Thread Deinitialization For Decoder Modules
- Bug #1101: Segmentation in AppLayerParserGetTxCnt
- Bug #1136: negated app-layer-protocol FP on multi-TX flows
- Bug #1141: dns response parsing issue
- Bug #1142: dns tcp toclient protocol detection
- Bug #1143: tls protocol detection in case of tls-alert
- Bug #1144: icmpv6: unknown type events for MLD_* types
- Bug #1145: ipv6: support PAD1 in DST/HOP extension hdr
- Bug #1146: tls: event on 'new session ticket' in handshake
- Bug #1159: Possible memory exhaustion when an invalid bpf-filter is
used with AF_PACKET
- Bug #1160: Pcaps submitted via Unix Socket do not finish processing in
Suricata 2
- Bug #1161: eve: src and dst mixed up in some cases
- Bug #1162: proto-detect: make sure probing parsers for all registered
ports are run
- Bug #1163: HTP Segfault
- Bug #1165: af_packet - one thread consistently not working
- Bug #1170: rohash: CID 1197756: Bad bit shift operation (BAD_SHIFT)
- Bug #1176: AF_PACKET IPS mode is broken in 2.0
- Bug #1177: eve log do not show action 'dropped' just 'allowed'
- Bug #1180: Possible problem in stream tracking

Special thanks

We'd like to thank the following people and corporations for their
contributions and feedback:

- Ken Steele -- Tilera
- Jason Ish -- Endace/Emulex
- Tom Decanio -- nPulse
- Pierre Chifflier
- Will Metcalf
- Duarte Silva
- Brad Roether
- Christophe Vandeplas
- Jason Jones
- Jorgen Bohnsdalen
- Fábio Depin
- Gines Lopez
- Ivan Ristic
- Coverity

Known issues & missing features

This is a "release candidate"-quality release so the stability should be
good although unexpected corner cases might happen. If you encounter
one, please let us know! As always, we are doing our best to make you
aware of continuing development and items within the engine that are not
yet complete or optimal.  With this in mind, please notice the list we
have included of known items we are working on.

See http://redmine.openinfosecfoundation.org/projects/suricata/issues
for an up to date list and to report new issues. See
http://redmine.openinfosecfoundation.org/projects/suricata/wiki/Known_issues
for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security
Monitoring engine. Open Source and owned by a community run non-profit
foundation, the Open Information Security Foundation (OISF). Suricata is
developed by the OISF, its supporting vendors and the community.

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------