[Oisf-devel] [COMMIT] OISF branch, master-4.0.x, updated. suricata-4.0.4

OISF Git noreply at openinfosecfoundation.org
Wed Feb 14 09:11:59 UTC 2018

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master-4.0.x has been updated
       via  2eadd77e1036f5d6a99acc8e12c237b9cc7093be (commit)
       via  add7b188f46ca42058ac00af9065a5ec2f14b7d8 (commit)
       via  19af022620fce9e6dc99d7d01d766d6927c4c40c (commit)
       via  2c40c34ad22adf56ce9e50ba253cf3d27c50ec55 (commit)
       via  29e20c08e90e04da192b601b0b1b11903b91bc72 (commit)
       via  8d1739b9727d536a03da04975a631d725f6a190f (commit)
       via  3e0a1c8c5da3120fb88be1faf8a9868b26bf94cf (commit)
       via  c19ac429795375b9e0a03f7e503de590ecaa7121 (commit)
       via  3196142411ac3498456b58bfe6ee978a6d8d56e2 (commit)
       via  f767c0c5b0ec5df1be2d8b65c966ec5cd14f716c (commit)
       via  60bab318c9bcdd0194260dcafafeeeeac35e8ff7 (commit)
       via  2dc344edb0409dbfa62d689dba4e49ee5d20921a (commit)
      from  2b9d24203373ceb13331b74255f6297334914fac (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 2eadd77e1036f5d6a99acc8e12c237b9cc7093be
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Feb 13 15:05:56 2018 +0100

    changelog: update for 4.0.4

commit add7b188f46ca42058ac00af9065a5ec2f14b7d8
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Feb 13 14:04:04 2018 +0100

    rust/nfs: fix memory leak

commit 19af022620fce9e6dc99d7d01d766d6927c4c40c
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Jan 30 12:20:42 2018 +0100

    autogen/rust: remove Cargo.lock
    Remove Cargo.lock to avoid issues when updating Cargo.toml

commit 2c40c34ad22adf56ce9e50ba253cf3d27c50ec55
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Feb 13 11:41:33 2018 +0100

    doc: fix http_header_names example

commit 29e20c08e90e04da192b601b0b1b11903b91bc72
Author: Jason Ish <ish at unx.ca>
Date:   Wed Feb 7 15:11:54 2018 -0600

    conf/yaml: don't allow empty key values
    When loading an empty file, libyaml will fire a single scalar
    event causing us to create a key that contains an empty string.
    We're not interested in this, so skip an empty scalar value
    when expecting a key.
    Redmine issue:

commit 8d1739b9727d536a03da04975a631d725f6a190f
Author: Jason Ish <ish at unx.ca>
Date:   Mon Feb 12 14:47:14 2018 -0600

    rust/dns: fix overflow of event counter
    Rust will panic if this value is incremented over the max
    value for a u16. Instead, use a bool as the Rust DNS code
    was never decrementing this counter, effectively using
    it as a bool.

commit 3e0a1c8c5da3120fb88be1faf8a9868b26bf94cf
Author: Jason Ish <ish at unx.ca>
Date:   Fri Jan 26 16:15:09 2018 -0600

    dnp3: regenerate object decoding code

commit c19ac429795375b9e0a03f7e503de590ecaa7121
Author: Jason Ish <ish at unx.ca>
Date:   Fri Jan 26 16:14:11 2018 -0600

    dnp3-gen: require jinja2 v2.10 or later
    Previous versions, but not all, have issues tracking

commit 3196142411ac3498456b58bfe6ee978a6d8d56e2
Author: Philippe Antoine <contact at catenacyber.fr>
Date:   Fri Jan 26 16:09:18 2018 -0600

    dnp3-gen: fix heap buffer overflow in generated code
    Due to missing check before memcpy.

commit f767c0c5b0ec5df1be2d8b65c966ec5cd14f716c
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Feb 2 11:17:23 2018 +0100

    der: fix recursion depth not being handled correctly
    In a mix of sequences the 'depth reached' error would not
    be fully propagated.
    Found with AFL.

commit 60bab318c9bcdd0194260dcafafeeeeac35e8ff7
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Feb 2 11:56:16 2018 +0100

    der: warn if null passed to decoders
    Remove null checks for errcode.

commit 2dc344edb0409dbfa62d689dba4e49ee5d20921a
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Feb 13 11:22:33 2018 +0100

    detect: fix out of bounds write in thread space creation


Summary of changes:
 ChangeLog                             | 16 ++++++++
 autogen.sh                            |  5 +++
 doc/userguide/rules/http-keywords.rst |  2 +-
 rust/src/dns/dns.rs                   | 10 ++---
 rust/src/nfs/nfs.rs                   | 11 ++++++
 scripts/dnp3-gen/dnp3-gen.py          | 22 ++++++++---
 src/app-layer-dnp3-objects.c          | 52 ++++++++++++++++++++++++++
 src/app-layer-tls-handshake.c         |  1 +
 src/conf-yaml-loader.c                |  8 ++++
 src/detect-engine-filedata-smtp.c     | 22 +++++++----
 src/detect-engine-hcbd.c              | 18 +++++----
 src/detect-engine-hsbd.c              | 18 +++++----
 src/util-decode-der.c                 | 69 +++++++++++++++++------------------
 src/util-decode-der.h                 |  4 +-
 14 files changed, 186 insertions(+), 72 deletions(-)


More information about the Oisf-devel mailing list