[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.0-24-gd476c65

OISF Git noreply at openinfosecfoundation.org
Wed Apr 9 11:51:16 UTC 2014

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  d476c654eea7cfa47c31f1d0a9901c1759c2da5e (commit)
      from  ab503873caa771ca2aa9e0c7e4c5fbc5a6498280 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d476c654eea7cfa47c31f1d0a9901c1759c2da5e
Author: Pierre Chifflier <pierre.chifflier at ssi.gouv.fr>
Date:   Wed Apr 9 09:52:00 2014 +0200

    TLS: add detection for malicious heartbeats (AKA heartbleed)
    The OpenSSL implementation of RFC 6520 (Heartbeat extension) does not
    check the payload length correctly, resulting in a copy of at most 64k
    of memory from the server (ref: CVE-2014-0160).
    This patch adds support for decoding heartbeat messages (if not
    encrypted), and checking several parts (type, length and padding).
    When an anomaly is detected, a TLS event is raised.


Summary of changes:
 rules/tls-events.rules |    5 +++-
 src/app-layer-ssl.c    |   72 ++++++++++++++++++++++++++++++++++++++++++++++++
 src/app-layer-ssl.h    |    3 ++
 3 files changed, 79 insertions(+), 1 deletion(-)


More information about the Oisf-devel mailing list