[Oisf-announce] Suricata 4.1.4 released

Victor Julien victor at inliniac.net
Tue Apr 30 12:51:17 UTC 2019


We're pleased to announce *Suricata 4.1.4*. This security release fixes
a number of issues found in the 4.1 branch.

Get the release here:
https://www.openinfosecfoundation.org/download/suricata-4.1.4.tar.gz


*Changes*

Bug #2870: pcap logging with lz4 coverity warning
Bug #2883: ssh: heap buffer overflow
Bug #2884: mpls: heapbuffer overflow in file decode-mpls.c
Bug #2887: decode-ethernet: heapbuffer overflow in file decode-ethernet.c
Bug #2888: 4.1.3 core in HCBDCreateSpace
Bug #2894: smb 1 create andx request does not parse the filename correctly
Bug #2902: rust/dhcp: panic in dhcp parser
Bug #2903: mpls: cast of misaligned data leads to undefined behavior
Bug #2904: rust/ftp: panic in ftp parser
Bug #2943: rust/nfs: integer underflow
This release includes Suricata-Update 1.0.5


*Special thanks*

Alexander Bluhm, Giuseppe Longo, Max Fillinger, Wesley van der Ree,
Jason Taylor
Sirko Höer -- Code Intelligence GmbH, DCSO.


*Trainings*

See https://suricata_events.eventbrite.com/ for the current list of
planned training sessions.


*Suricon*

The CFP for Suricon 2019 is open! Submit your talk proposal at:
https://suricon.net/


*About Suricata*

Suricata is a high performance Network Threat Detection, IDS, IPS and
Network Security Monitoring engine. Open source and owned by a community
run non-profit foundation, the Open Information Security Foundation
(OISF). Suricata is developed by OISF, its supporting vendors and the
community.

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------



More information about the Oisf-announce mailing list