[Oisf-devel] Suricata 2.0.8 Available!

Victor Julien victor at inliniac.net
Wed May 6 16:37:32 UTC 2015


The OISF development team is pleased to announce Suricata 2.0.8. This
release fixes a number of issues in the 2.0 series.

The most important issue is a bug in the DER parser which is used to
decode SSL/TLS certificates could crash Suricata. This issue was
reported by Kostya Kortchinsky of the Google Security Team and was fixed
by Pierre Chifflier of ANSSI.

Those processing large numbers of (untrusted) pcap files need to update
as a malformed pcap could crash Suricata. Again, credits go to Kostya
Kortchinsky.

A number of other issues were fixed. Upgrading is highly recommended.

Get the new release here:
http://www.openinfosecfoundation.org/download/suricata-2.0.8.tar.gz

We have a new release key (the previous expired):
http://www.openinfosecfoundation.org/download/OISF.pub (00C1B70D)


*Changes*

Bug #1450: tls parsing issue
Bug #1460: pcap parsing issue
Bug #1461: potential deadlock
Bug #1404: Alert-Debuglog not being rotated on SIGHUP
Bug #1420: inverted matching on incomplete session
Bug #1462: various issues in rule and yaml parsing


*Security*

The TLS/DER parsing issue has CVE-2015-0971 assigned to it.


*Special thanks*

We'd like to thank the following people and corporations for their
contributions and feedback:

- Kostya Kortchinsky of the Google Security Team
- Pierre Chifflier of ANSSI
- Sundar Jeyaraman of FireEye
- Alexander Gozman
- AFL project
- Coverity Scan


*Known issues & missing features*

If you encounter issues, please let us know! As always, we are doing our
best to make you aware of continuing development and items within the
engine that are not yet complete or optimal. With this in mind, please
notice the list we have included of known items we are working on. See
http://redmine.openinfosecfoundation.org/projects/suricata/issues for an
up to date list and to report new issues. See
http://redmine.openinfosecfoundation.org/projects/suricata/wiki/Known_issues
for a discussion and time line for the major issues.


*Training & Support*

Need help installing, updating, validating and tuning Suricata? We have
trainings coming up. Paris in July, Barcelona in November: see
http://suricata-ids.org/training/

For support options also see http://suricata-ids.org/support/


*About Suricata*

Suricata is a high performance Network IDS, IPS and Network Security
Monitoring engine. Open Source and owned by a community run non-profit
foundation, the Open Information Security Foundation (OISF). Suricata is
developed by the OISF, its supporting vendors and the community.
-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------



More information about the Oisf-devel mailing list