[Oisf-devel] [COMMIT] OISF branch, master-3.2.x, updated. suricata-3.2.3-21-g6133bbd
OISF Git
noreply at openinfosecfoundation.org
Mon Oct 16 11:23:46 UTC 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master-3.2.x has been updated
via 6133bbd195f7fb770ab92d64ece0a8953cc4e276 (commit)
via b12a5fe5b0a19b91f78af956d842e8020ee7aaac (commit)
via 04e7d04633b167ce9807e2911b3af870887bf132 (commit)
via 36a19168944dd00bfc447fc07cec0371d1447655 (commit)
via 243fd7dc7478d09440fc8c6b416a6ce62e9f55a4 (commit)
via 030e1b5432c5a3a773e6d2499cace127a0f3a66c (commit)
via 197d14b35262ac38c9d6f8456a9b36af950b5cb5 (commit)
via 9f01c51561aea8fe206780e4f7520589202f0a00 (commit)
via a10819a40512655552c6ad005e33d3271cc7662c (commit)
via 74b365c349617bc92d7ef577052220badc68e94c (commit)
via 4d2a6f5406daa3a2ad6dfee9d15d144f3a52fb9f (commit)
via 7d037ae26634cd848f23f24e9bde7617eb120222 (commit)
via 1e97b03fe0c9c734df4a5d967593877c6e7678b8 (commit)
via 543ac95d2b55cba42d0e6f3e2ecd5c04facc0992 (commit)
via 705ebc9d9a7e2663be8a6c49e885e88a457a9e6f (commit)
via 49e61c7c1ea5809ef5fd189e1b626b6f45b88cad (commit)
via 2b19824c4b8e8a8a2588eb9458ad9ef8e6420904 (commit)
via f36c7a93d42c0cba884eb5a78a39f081c606b8c2 (commit)
via 49514082b4232065dcdc6ff99486a741f6909f98 (commit)
via 020d9abb0e850c4ba3ef5a8909d45d2b196a3f28 (commit)
via 01795145766bc0b7d10691d457dd3e1d1b71a7c9 (commit)
from aa9264987f4d39d5945ff822d6b8b5bcbca2822e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6133bbd195f7fb770ab92d64ece0a8953cc4e276
Author: Victor Julien <victor at inliniac.net>
Date: Thu Oct 5 11:11:13 2017 +0200
doc/file_data: add note on negated matching
Explain issue #2216 and how to avoid it.
Backport http_server_body notes from 4.0 branch.
commit b12a5fe5b0a19b91f78af956d842e8020ee7aaac
Author: Victor Julien <victor at inliniac.net>
Date: Tue Oct 3 10:31:39 2017 +0200
debug: free pcre memory used for output filtering
commit 04e7d04633b167ce9807e2911b3af870887bf132
Author: Victor Julien <victor at inliniac.net>
Date: Fri Sep 29 19:10:46 2017 +0200
tls: don't set event on small input data
On very small data the max loop count could be 0. Make sure
it's always at least 1.
commit 36a19168944dd00bfc447fc07cec0371d1447655
Author: Eric Leblond <eric at regit.org>
Date: Sat Sep 30 12:35:14 2017 +0200
prscript: update urls to use OISF repo
commit 243fd7dc7478d09440fc8c6b416a6ce62e9f55a4
Author: Derek <derekmkingsbury at gmail.com>
Date: Wed Sep 6 20:23:25 2017 -0700
dns: fix last timestamp handling
Fixes incorrect variable in ticket #2207
In app-layer-dns-tcp.c in the DNSTCPResponseParse function
a variable is set to last_req when it should be last_resp.
This makes it consistent with UDP DNS response parsing.
commit 030e1b5432c5a3a773e6d2499cace127a0f3a66c
Author: Eric Leblond <eric at regit.org>
Date: Mon Sep 18 20:30:20 2017 +0200
af-packet: free bpf program
This fixes a small memory leak when Suricata is running with a
BPF filter.
commit 197d14b35262ac38c9d6f8456a9b36af950b5cb5
Author: Eric Leblond <eric at regit.org>
Date: Mon Sep 18 20:24:29 2017 +0200
af-packet: call thread deinit function
commit 9f01c51561aea8fe206780e4f7520589202f0a00
Author: Andreas Herz <andi at geekosphere.org>
Date: Sat Sep 9 23:22:06 2017 +0200
doc: reflect most recent cpu affinity settings
Some settings like output-cpu-set never been used and detect got renamed
to worker. This reflects those changes already present in the yaml also
within the documentation.
commit a10819a40512655552c6ad005e33d3271cc7662c
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date: Wed Aug 9 21:07:03 2017 +0200
app-layer-ssl: fix bug with >255 records in one stream
commit 74b365c349617bc92d7ef577052220badc68e94c
Author: Andreas Herz <andi at geekosphere.org>
Date: Fri Aug 11 23:53:55 2017 +0200
rule-parser: bump sids within siggroup test
commit 4d2a6f5406daa3a2ad6dfee9d15d144f3a52fb9f
Author: Andreas Herz <andi at geekosphere.org>
Date: Fri Aug 11 23:25:44 2017 +0200
rule-parser: detect duplicate rev keyword
commit 7d037ae26634cd848f23f24e9bde7617eb120222
Author: Andreas Herz <andi at geekosphere.org>
Date: Fri Aug 11 23:24:22 2017 +0200
rule-parser: detect duplicate sid keyword
commit 1e97b03fe0c9c734df4a5d967593877c6e7678b8
Author: Andreas Herz <andi at geekosphere.org>
Date: Fri Aug 11 23:11:46 2017 +0200
rule-parser: detect duplicate classtype keyword
commit 543ac95d2b55cba42d0e6f3e2ecd5c04facc0992
Author: Victor Julien <victor at inliniac.net>
Date: Tue Aug 29 12:57:53 2017 +0200
afpacket: free ring mem on error
commit 705ebc9d9a7e2663be8a6c49e885e88a457a9e6f
Author: Alexander Gozman <goal81 at gmail.com>
Date: Sun Aug 20 15:22:34 2017 +0300
Bug #2201: af_packet - treat BPF filter error as fatal
There is no need to try to set erroneous BPF filter again and again. Such attempts
lead to constant mmap() calls without corresponding munmap() when 'use-mmap' is enabled.
commit 49e61c7c1ea5809ef5fd189e1b626b6f45b88cad
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date: Wed Aug 2 14:49:43 2017 +0200
app-layer-tls: don't decode client certificates
Decoding client certificate overwrites the validity dates from the
server certificate, so we therefore don't decode it, since we don't
do anything with it (right now) anyway.
Fixes Bug #2050
commit 2b19824c4b8e8a8a2588eb9458ad9ef8e6420904
Author: Victor Julien <victor at inliniac.net>
Date: Tue Aug 1 10:13:10 2017 +0200
detect-msg: cleanup error message
commit f36c7a93d42c0cba884eb5a78a39f081c606b8c2
Author: Andreas Herz <andi at geekosphere.org>
Date: Sun Jul 30 00:14:50 2017 +0200
rule-parser: ignore duplicated msg keyword
commit 49514082b4232065dcdc6ff99486a741f6909f98
Author: Eric Leblond <eric at regit.org>
Date: Fri Jun 30 15:00:40 2017 +0200
af-packet: optimize BPF
This patch turn on code optimization on BPF filter building by
libpcap. This allow to reduce the size of the BPF bytecode and
thus increase the size of BPF filter supported by Suricata.
Reported-by: Martijn van Oosterhout
commit 020d9abb0e850c4ba3ef5a8909d45d2b196a3f28
Author: Victor Julien <victor at inliniac.net>
Date: Fri Jul 14 11:05:51 2017 +0200
gcc7: format-truncation fix for lua
commit 01795145766bc0b7d10691d457dd3e1d1b71a7c9
Author: Julian <julian at net23.de>
Date: Sun May 28 12:22:25 2017 +0200
redis: support for rpush in list mode
This adds a new redis mode rpush. Also more consistent config keywords orientated at the redis command: lpush and publish.
Keeping list and channel config keywords for backwards compatibility. Removed unnecessary checks.
-----------------------------------------------------------------------
Summary of changes:
doc/userguide/configuration/suricata-yaml.rst | 73 ++++++++++--------------
doc/userguide/output/eve/eve-json-output.rst | 8 ++-
doc/userguide/rules/http-keywords.rst | 40 ++++++++++++-
qa/prscript.py | 8 +--
src/app-layer-dns-tcp.c | 2 +-
src/app-layer-ssl.c | 24 +++++---
src/detect-classtype.c | 6 ++
src/detect-engine-siggroup.c | 82 +++++++++++++--------------
src/detect-msg.c | 5 ++
src/detect-rev.c | 8 +++
src/detect-sid.c | 8 +++
src/output-lua.c | 6 +-
src/source-af-packet.c | 30 ++++++----
src/util-debug.c | 5 ++
src/util-error.c | 1 +
src/util-error.h | 1 +
src/util-logopenfile.c | 23 ++++----
suricata.yaml.in | 4 +-
18 files changed, 209 insertions(+), 125 deletions(-)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list