[Oisf-devel] Suricata 1.1rc1 Available!

Victor Julien victor at inliniac.net
Thu Nov 3 22:58:39 UTC 2011

The OISF development team is proud to announce Suricata 1.1rc1, the
first (and hopefully only) release candidate for Suricata 1.1. This
release fixes a number of issues in the 1.1beta3 release. In general
it's fairly small patchset aimed at stabilizing the 1.1 codebase.

Get the new release here:

The new release comes with a number of important improvements and fixes.

New features

- extended HTTP request logging for use with (among other things)
http_agent for Sguil (#38)
- AF_PACKET report drop stats on shutdown (#325)
- new counters in stats.log for flow and stream engines (#348)


- SMTP parsing code support for BDAT command (#347)
- HTTP URI normalization no longer converts to lowercase (#362)
- AF_PACKET works with privileges dropping now (#361)
- Prelude output for state matches (#264, #355)

Under the hood

- update of the pattern matching code that should improve accuracy
- rule parser was made more strict (#295, #312)

Notable Fixes & Changes

- multiple event suppressions for the same SID was fixed (#366)
- several accuracy fixes
- removal of the unified1 output plugins (#353)

Known issues & missing features

This is a "release candidate"-quality release so the stability should be
good although unexpected corner cases might happen. If you encounter
one, please let us know!

As always, we are doing our best to make you aware of continuing
development and items within the engine that are not yet complete or
optimal.  With this in mind, please notice the list we have included of
known items we are working on.

See http://redmine.openinfosecfoundation.org/projects/suricata/issues
for an up to date list and to report new issues. See
for a discussion and time line for the major issues.

Victor Julien
PGP: http://www.inliniac.net/victorjulien.asc

More information about the Oisf-devel mailing list