[Oisf-devel] Suricata 4.0.4 released
Victor Julien
victor at inliniac.net
Wed Feb 14 09:45:19 UTC 2018
We're pleased to announce *Suricata 4.0.4*. This is a security update
fixing a number of security issues, as well as a fair number of regular
issues.
Get the release here:
https://www.openinfosecfoundation.org/download/suricata-4.0.4.tar.gz
*Changes*
Bug #2306: suricata 4 deadlocks during failed output log reopening
Bug #2361: rule reload hangup
Bug #2389: BUG_ON asserts in AppLayerIncFlowCounter (4.0.x)
Bug #2392: libhtp 0.5.26 (4.0.x)
Bug #2422: [4.0.3] af_packet: a leak that (possibly) breaks an inline
channel
Bug #2438: various config parsing issues
Bug #2439: Fix timestamp offline when pcap timestamp is zero (4.0.x)
Bug #2440: stream engine bypass issue (4.0.x)
Bug #2441: der parser: bad input consumes cpu and memory (4.0.x)
Bug #2443: DNP3 memcpy buffer overflow (4.0.x)
Bug #2444: rust/dns: Core Dump with malformed traffic (4.0.x)
Bug #2445: http bodies / file_data: thread space creation writing out of
bounds
*Security*
CVE-2018-6794 was requested for #2440
*Special thanks*
Wolfgang Hotwagner, Kirill Shipulin, Pierre Chifflier, Alexander Gozman,
Martin Natano, Maurizio Abba, Nick Price, Philippe Antoine, AFL
*Suricon 2018*
Call for presentations is open and tickets for SuriCon 2018 are
available: https://suricon.net/
*About Suricata*
Suricata is a high performance Network Threat Detection, IDS, IPS and
Network Security Monitoring engine. Open Source and owned by a community
run non-profit foundation, the Open Information Security Foundation
(OISF). Suricata is developed by the OISF, its supporting vendors and
the community.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-devel
mailing list