[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.1beta4-161-gc2f4031

OISF Git noreply at openinfosecfoundation.org
Mon Jul 6 13:50:33 UTC 2015

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  c2f4031a8cfdd24f20085fb1a29a1c628b34eb86 (commit)
       via  91efdadf8e871662a6bc4cfad0a21d707a31eded (commit)
       via  cd9cc2559e33590033debdc09b45c83f433052ce (commit)
       via  d36eba4e5e378e5ea8dc3f1a760781f00502f6bb (commit)
       via  d592d570396c19681d57e7bcb85ca13020424dbd (commit)
      from  e583de05823c51694cb443d326e7b0ed13cb457e (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c2f4031a8cfdd24f20085fb1a29a1c628b34eb86
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Jul 6 13:33:36 2015 +0200

    detect: fix settings override for reloads

commit 91efdadf8e871662a6bc4cfad0a21d707a31eded
Author: Helmut Schaa <helmut.schaa at googlemail.com>
Date:   Mon Jun 29 16:04:14 2015 +0200

    Disable pcap-config use during cross compilation
    This allows cross compilation where the host system has pcap-config
    installed and would create an invalid entry in the cross-CFLAGS.

commit cd9cc2559e33590033debdc09b45c83f433052ce
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date:   Fri Jun 26 11:38:59 2015 +0300

    Issue 1491: fix capabilities for pf_ring mode when running under non-root account

commit d36eba4e5e378e5ea8dc3f1a760781f00502f6bb
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date:   Mon Jun 29 20:46:15 2015 +0300

    Fix issues #1493 and #1494

commit d592d570396c19681d57e7bcb85ca13020424dbd
Author: Giuseppe Longo <giuseppelng at gmail.com>
Date:   Fri May 15 11:05:29 2015 +0200

    file_data: check for signature alproto and flow
    Currently the following rule can't be loaded:
    alert tcp any any -> any 25 (msg:"SMTP file_data test"; flow:to_server,established; file_data; content:"abc";sid:1;)
    and produces the error output:
    "Can't use file_data with flow:to_server or from_client with http or smtp."
    This checks if the alproto is not http in a signature,
    so permits to use flow keyword also.
    Issue reported by rmkml.


Summary of changes:
 configure.ac           |   2 +-
 src/detect-engine.c    |   9 +----
 src/detect-file-data.c | 104 ++++++++++++++++++++++++++++++++++++++++++++++++-
 src/detect.c           |  27 ++++++++-----
 src/util-privs.c       |   2 +-
 5 files changed, 123 insertions(+), 21 deletions(-)


More information about the Oisf-devel mailing list