[Oisf-devel] [COMMIT] OISF branch, master-2.0.x, updated. suricata-2.0.4-15-gb99372c
OISF Git
noreply at openinfosecfoundation.org
Wed Oct 29 10:45:07 UTC 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master-2.0.x has been updated
via b99372cc5e196ed291328b0f73a4900761566d53 (commit)
via b659508d0f7521d00d558425fa354d26a6bbdbad (commit)
via 012f36562db8e1b5189c655cf27a317f9f3caf10 (commit)
via 08a04a0a1552009d1d452a6c5da40a4edf54a7d1 (commit)
via 5b394cab31699421e1ef3e46efc5b00ca38a5b74 (commit)
via 407ff92f58a29ef339f03bd88eeda49d80da0992 (commit)
via 9e6acc50a98fc29cdbe171bbae15c18c5c71ef92 (commit)
via b6f9809403ec708a0a808b7e16dfec676e799846 (commit)
via a333f0234701f0e12c415b7280c2ad95e3131671 (commit)
from 27182f7f659c0d9fb4aeb0ffee2360e76f501c54 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b99372cc5e196ed291328b0f73a4900761566d53
Author: Victor Julien <victor at inliniac.net>
Date: Sat Oct 18 21:47:52 2014 +0200
Suppress ARM valgrind warning
Not Suricata related, so suppress.
commit b659508d0f7521d00d558425fa354d26a6bbdbad
Author: Victor Julien <victor at inliniac.net>
Date: Thu Oct 23 12:54:13 2014 +0200
stream: improve bad window update detection
Ignore more valid ACKs in FIN shutdown phase.
Improve heuristic for window shrinking in case of packet loss.
commit 012f36562db8e1b5189c655cf27a317f9f3caf10
Author: Victor Julien <victor at inliniac.net>
Date: Thu Oct 16 18:38:19 2014 +0200
stream: fix 'bad window update' false positive
ACK packets completing a valid FIN shutdown could be flagged as
'bad window update' if they would shrink the window.
This patch detects this case before doing the bad window update
check.
commit 08a04a0a1552009d1d452a6c5da40a4edf54a7d1
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Fri Oct 10 09:40:37 2014 -0700
sanity check tcp SACK edges prior to recording. Attempt to avoid Cisco ASA
tcp randomization issue with it not properly writing sequence numbers in SACK.
commit 5b394cab31699421e1ef3e46efc5b00ca38a5b74
Author: Victor Julien <victor at inliniac.net>
Date: Thu Oct 16 14:59:38 2014 +0200
stream: improve handling of 3whs packet loss
If the 3whs ACK and some data after this is lost, we would get stuck
in the 'SYN_RECV' state, where from there each packet might be
considered invalid.
This patch improves the handling of this case.
commit 407ff92f58a29ef339f03bd88eeda49d80da0992
Author: Victor Julien <victor at inliniac.net>
Date: Thu Oct 16 14:54:22 2014 +0200
stream: fix ssh/ssl logging on tcp session reuse
TCP session reuse wouldn't unset FLOW_NO_APPLAYER_INSPECTION.
commit 9e6acc50a98fc29cdbe171bbae15c18c5c71ef92
Author: Victor Julien <victor at inliniac.net>
Date: Thu Oct 16 14:41:59 2014 +0200
ssh.softwareversion: allow more characters
The keyword would not allow matching on "OpenSSH_5.5p1 Debian-6+squeeze5"
as the + and space characters were not allowed.
This patch adds support for them.
commit b6f9809403ec708a0a808b7e16dfec676e799846
Author: Jason Ish <jason.ish at emulex.com>
Date: Mon Sep 29 10:00:06 2014 -0600
Bug 1230: Check all SigMatch lists for a named byte_extract variable.
commit a333f0234701f0e12c415b7280c2ad95e3131671
Author: Jason Ish <jason.ish at emulex.com>
Date: Mon Sep 29 09:37:03 2014 -0600
Bug 1230: Simple test case demonstrating failure.
-----------------------------------------------------------------------
Summary of changes:
qa/valgrind.suppress | 16 ++++++
src/detect-byte-extract.c | 32 +++++++----
src/detect-byte-extract.h | 2 +-
src/detect-bytejump.c | 2 +-
src/detect-bytetest.c | 4 +-
src/detect-depth.c | 2 +-
src/detect-distance.c | 2 +-
src/detect-isdataat.c | 2 +-
src/detect-offset.c | 2 +-
src/detect-ssh-software-version.c | 2 +-
src/detect-within.c | 36 +++++++++++-
src/stream-tcp-sack.c | 92 +++++++++++++++++++++++++++++
src/stream-tcp.c | 115 +++++++++++++++++++++++++++++++++----
13 files changed, 275 insertions(+), 34 deletions(-)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list