[Oisf-devel] [COMMIT] OISF branch, master-2.0.x, updated. suricata-2.0.4-15-gb99372c

OISF Git noreply at openinfosecfoundation.org
Wed Oct 29 10:45:07 UTC 2014

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master-2.0.x has been updated
       via  b99372cc5e196ed291328b0f73a4900761566d53 (commit)
       via  b659508d0f7521d00d558425fa354d26a6bbdbad (commit)
       via  012f36562db8e1b5189c655cf27a317f9f3caf10 (commit)
       via  08a04a0a1552009d1d452a6c5da40a4edf54a7d1 (commit)
       via  5b394cab31699421e1ef3e46efc5b00ca38a5b74 (commit)
       via  407ff92f58a29ef339f03bd88eeda49d80da0992 (commit)
       via  9e6acc50a98fc29cdbe171bbae15c18c5c71ef92 (commit)
       via  b6f9809403ec708a0a808b7e16dfec676e799846 (commit)
       via  a333f0234701f0e12c415b7280c2ad95e3131671 (commit)
      from  27182f7f659c0d9fb4aeb0ffee2360e76f501c54 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b99372cc5e196ed291328b0f73a4900761566d53
Author: Victor Julien <victor at inliniac.net>
Date:   Sat Oct 18 21:47:52 2014 +0200

    Suppress ARM valgrind warning
    Not Suricata related, so suppress.

commit b659508d0f7521d00d558425fa354d26a6bbdbad
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 23 12:54:13 2014 +0200

    stream: improve bad window update detection
    Ignore more valid ACKs in FIN shutdown phase.
    Improve heuristic for window shrinking in case of packet loss.

commit 012f36562db8e1b5189c655cf27a317f9f3caf10
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 16 18:38:19 2014 +0200

    stream: fix 'bad window update' false positive
    ACK packets completing a valid FIN shutdown could be flagged as
    'bad window update' if they would shrink the window.
    This patch detects this case before doing the bad window update

commit 08a04a0a1552009d1d452a6c5da40a4edf54a7d1
Author: Tom DeCanio <decanio.tom at gmail.com>
Date:   Fri Oct 10 09:40:37 2014 -0700

    sanity check tcp SACK edges prior to recording. Attempt to avoid Cisco ASA
    tcp randomization issue with it not properly writing sequence numbers in SACK.

commit 5b394cab31699421e1ef3e46efc5b00ca38a5b74
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 16 14:59:38 2014 +0200

    stream: improve handling of 3whs packet loss
    If the 3whs ACK and some data after this is lost, we would get stuck
    in the 'SYN_RECV' state, where from there each packet might be
    considered invalid.
    This patch improves the handling of this case.

commit 407ff92f58a29ef339f03bd88eeda49d80da0992
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 16 14:54:22 2014 +0200

    stream: fix ssh/ssl logging on tcp session reuse
    TCP session reuse wouldn't unset FLOW_NO_APPLAYER_INSPECTION.

commit 9e6acc50a98fc29cdbe171bbae15c18c5c71ef92
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 16 14:41:59 2014 +0200

    ssh.softwareversion: allow more characters
    The keyword would not allow matching on "OpenSSH_5.5p1 Debian-6+squeeze5"
    as the + and space characters were not allowed.
    This patch adds support for them.

commit b6f9809403ec708a0a808b7e16dfec676e799846
Author: Jason Ish <jason.ish at emulex.com>
Date:   Mon Sep 29 10:00:06 2014 -0600

    Bug 1230: Check all SigMatch lists for a named byte_extract variable.

commit a333f0234701f0e12c415b7280c2ad95e3131671
Author: Jason Ish <jason.ish at emulex.com>
Date:   Mon Sep 29 09:37:03 2014 -0600

    Bug 1230: Simple test case demonstrating failure.


Summary of changes:
 qa/valgrind.suppress              |   16 ++++++
 src/detect-byte-extract.c         |   32 +++++++----
 src/detect-byte-extract.h         |    2 +-
 src/detect-bytejump.c             |    2 +-
 src/detect-bytetest.c             |    4 +-
 src/detect-depth.c                |    2 +-
 src/detect-distance.c             |    2 +-
 src/detect-isdataat.c             |    2 +-
 src/detect-offset.c               |    2 +-
 src/detect-ssh-software-version.c |    2 +-
 src/detect-within.c               |   36 +++++++++++-
 src/stream-tcp-sack.c             |   92 +++++++++++++++++++++++++++++
 src/stream-tcp.c                  |  115 +++++++++++++++++++++++++++++++++----
 13 files changed, 275 insertions(+), 34 deletions(-)


More information about the Oisf-devel mailing list