[Oisf-devel] [COMMIT] OISF annotated tag, suricata-4.1.0-beta1, created. suricata-4.1.0-beta1

OISF Git noreply at openinfosecfoundation.org
Fri Mar 23 13:27:31 UTC 2018

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The annotated tag, suricata-4.1.0-beta1 has been created
        at  ce56270123404783153b96ea1af06f2325c87b44 (tag)
   tagging  97c224d193dfb7f4811425a4dda64519b7776560 (commit)
  replaces  suricata-4.0.1
 tagged by  Victor Julien
        on  Fri Mar 23 14:26:53 2018 +0100

- Log -----------------------------------------------------------------
Tag 4.1.0 beta 1 release
Version: GnuPG v1


Alexander Gozman (3):
      syslog: treat SC_LOG_PERF messages as LOG_DEBUG
      af_packet: bug #2422.
      rules: optimize bidir rules with same src/dst

Alfredo Cardigliano (1):
      pfring: hw bypass support

Andreas Herz (5):
      keyword-filesize: add units
      rule-reload: fix possible hangup with SIGUSR2
      detect-engine: add missing mutex unlock
      docs: replace redmine links and enforce https on oisf urls
      docs: remove many outdated and old install docs

Antoine LUONG (2):
      prelude: fix duplicated analyzer in Prelude alert
      prelude: swap msg and class_msg in Prelude alert

Antti Tönkyrä (1):
      stream-tcp: add counters for midstream pickups

Brandon Sterne (1):
      doc: use standard spelling of daemon

Clement Galland (1):
      rust/tftp: add tftp parsing and logging

Clément Galland (1):
      Dns logger display flags information

Dana Helwig (1):
      source-pcap-file: Pcap Directory Mode (Feature #2222)

Daniel Humphries (1):
      unified2: fix xff extra-data output (Bug #2305)

Danny Browning (9):
      unix socket: don't loose events when offline
      enum: don't printf on util-enum errors
      suricata: pcap-file-continuous ignores other options (Bug #2253)
      source-pcap-file: Fix coverity findings (Bug #2356)
      util-time: Add function to convert timespec to epoch millis
      suricatasc: pcap-file-continuous (2412)
      runmode-unix-socket: interrupt as commanded (2413)
      source-pcap-file: Directory mode may miss files (bug #2394)
      pcap/file: fix missing files stopping engine #2451

David DIALLO (2):
      modbus: duplicate alerts unaware of direction
      modbus: Support Unit Identifier

Eric Leblond (82):
      netflow: fix ttl logic
      unix-socket: add ruleset-reload-nonblocking command
      doc: add ruleset commands available in unix socket
      unix-socket: add logs reopen command
      doc: document log reopen unix socket command
      suricata: storage early to get it everywhere
      detect: increase signature mask length
      flow: add parent_id field
      app-layer: add Flow to probing parser functions
      app-layer-expectation: expectation system
      app-layer-ftp: add ftp-data support
      detect-ftpdata: match on ftp-data operation
      doc: update following ftp-data changes
      doc: update file extraction document
      app-layer-ftp: add memcap for ftp
      af-packet: free ring buffer at exit
      detect-ftpdata: register keyword
      af-packet: synchronize flags sizes
      conf: add function to get child with default
      detect-metadata: store metadata key value pairs
      detect-metadata: add unit test
      output-json-alert: conditionaly output metadata
      suricata: init output before detection
      detect-metadata: add a string storage to de_ctx
      doc: documentation update on metadata
      unix socket: protocol v0.2
      suricatasc: implement autoreconnect
      af-packet: add support for eBPF cluster and filter
      af-packet: kernel bypass implementation
      flow-bypass: only start thread on demand
      af-packet: use per CPU hash in bypass
      af-packet: implementation of XDP bypass
      util-ebpf: suppress call on loop init
      ebpf: implement vlan filter
      util-ebpf: add call to remove memlock limit
      flow-bypass: add abstraction layer
      util-ebpf: fix XDP delete key
      util-ebpf: fix ipv6 cleaning and add comments
      af-packet: fix bypassing of IPv6
      af-packet: cache map fd search
      af-packet: end of map factoring
      af-packet: remove done fixme in XDP
      tm-threads: fix build warning in afl mode
      flow-bypass: fix sleep strategy
      device-storage: introduce feature
      util-device: add an iteration function
      util-device: change logic of registration
      af-packet: add support for multi iface bypass
      af-packet: improve xdp error handling
      doc: update xdp documentation
      util-ebpf: add error handling in hash value fetch
      af-packet: add missing copyright header
      af-packet: code cleaning and comments
      util-affinity: export CPU set parsing function
      ebpf: import more recent version of helpers
      af-packet: add support for XDP cpu redirect map
      doc: document XDP CPU redirect
      util-ebpf: fix libbpf error handling
      af-packet: fix error handling in bypass case
      af-packet: add comments to eBPF/XDP code
      util-ebpf: simplify code cleaning
      ebpf: slight bypass_filter optimization
      ebpf: add some comments to eBPF filter
      flow-bypass: introduce update function
      af-packet: XDP bypass in IPS mode
      doc: add info about xdp IPS bypass
      ebpf: fix detection of llc
      util-ebpf: add bypassed counters
      unix-socket: add bypassed counter to iface-stat
      unix-socket: add ebpf-bypassed-stats command
      doc: how to get live info about ebpf behavior
      ebpf: allow modified build of xdp_filter
      doc: update documentation
      af-packet: count only CPUs once
      util-ebpf: rename local variable
      doc: improve eBPF and XDP doc
      tm-threads: fix build warning in afl mode
      ebpf: remove vlan_hdr alignement
      suricata.yaml: fix some spelling mistakes
      doc: fix typo in ebpf xdp doc
      doc: more info on unix socket rule reload
      doc: fix typo in unix socket doc

Gaurav Singh (1):
      Adds options to mark when a file is final.

Giuseppe Longo (32):
      netflow: log ttl fields
      dns: log flags field
      detect-engine: add reload time/rules stats
      json-stats: print engine stats
      unix-socket: add commands to print engine stats
      detect-engine: remove DONE state
      detect: save invalid rules
      unix-manager: print failed rules
      unix-manager: add "ruleset-reload-rules" command
      unix-manager: block live reload when -s/-S is specified
      stream-tcp-reassemble: declare 'size' as uint64_t
      stream-tcp: get/set memcap value
      flow: get/set memcap value
      htp: get/set memcap value
      htp: destroy atomic vars
      defrag: get/set memcap value
      ippair: get/set memcap value
      host: get/set memcap value
      runmode-unix-socket: add commands for memcap handling
      suricatasc: add commands for memcap handling
      doc: add memcap commands in unix-socket section
      configure: check for zlib and liblzma
      app-layer-htp: add swf decompression settings
      detect: set events in inspection phase
      util-file-decompression: add swf decompression API
      detect-engine-hsbd: decompress swf files
      doc: update file_data description
      output-json-dns: add new configuration
      output-json-dns: add new output formats for v2
      output-json-dns: add json logging functions
      output-json-alert: add dns info
      doc: introduce dns compact logging

Jason Ish (70):
      travis: do make distcheck on Rust 1.15.0 build
      travis: rust 1.21.0 build
      travis: allow rust-stable build to fail
      detect-parse: don't use pcre for rule parsing
      detect-parse: string copy not required
      template scripts: fixup detect setup scripts
      rust/dns - convert more type values to text
      dns-log: don't register if HAVE_RUST
      eve.netflow: remove "hi" log message
      eve.flow: remove "hi" log message
      eve.dnp3: removed unsed context field
      eve: fix context datatype used in init functions
      eve.flow: removed unused http parameters
      eve: remove json format option - was not used
      output: introduce init return type
      util: move SCCreateDirectoryTree to util-path
      create directory: fix strlcpy usage
      create directory: final arg to control full path or prefix
      SCPathExists - function to see if a path exists
      util-error: new error: SC_ERR_CREATE_DIRECTORY
      eve/fileinfo: split record creation from writing
      output-json-file: let caller decide if file is stored
      configure: check for utime.h and utime()
      filestore v2 - initial version
      file extract: force sha256 even if truncated
      filestore v2: use fileinfo records as metadata
      suricatactl: a new python script for misc. tasks
      util-error: define SC_ERR_MAX
      filestore2: warn once for file errors
      filestore (old): register global stat in init func
      filestore: only allow one filestore to be enabled
      doc: document file-store v2
      suricatasc: don't use find -delete
      .gitignore: only ignore *.yaml in root directory
      eve: top level metadata object
      eve: metadata setting to enable/disable metadata
      eve: tls: respect global metadata config
      eve: ssh: respect global metadata config
      eve: dnp3: respect global metadata config
      eve: smtp: respect global metadata config
      eve: nfs: respect global metadata config
      eve: email: respect global metadata config
      eve: drop: global metadata config
      eve: alert: global metadata config
      eve: dns: global metadata config
      eve: flow: global metadata config
      eve: http: global metadata config
      eve: netflow: global metadata config
      json-vars: rename to metadata and use new metadata format
      output-json-vars: rename to metadata
      doc: update eve-log section for metadata
      eve/metadata: special handling for traffic-id labels
      eve/metadata: log flowvars as a list of k/v pairs
      eve/alert: log metadata be default
      doc: breakout eve-log section to a partial file
      conf: new function: ConfNodeHasChildren
      eve/alert: new metadata configuration (sane defaults)
      doc: update eve/alert/metadata configuration
      setup-app-layer-detect: update for changes in detect
      metadata: fix parsing when not k/v
      conf/yaml: don't allow empty key values
      dnp3-gen: require jinja2 v2.10 or later
      dnp3: regenerate object decoding code
      app-layer: remove has events callback - not used
      travis: redirect unittest output to file in all builds
      eve/dns-v2: log authorities as a list
      eve/dns-v2: only log responses for enabled types
      rust/json: expose more of jansson to rust
      eve/dns/v2: support eve/dns v2 in rust
      suricata-update: bundle suricata update

Jesper Dangaard Brouer (6):
      ebpf: maintain a copy of kernel UAPI header file linux/bpf.h
      ebpf: add Paul Hsieh's (LGPL 2.1) hash function SuperFastHash
      ebpf: improve xdp-cpu-redirect distribution in xdp_filter.c
      ebpf: take clang -target bpf include issue of stdint.h into account
      ebpf: compile with clang -target bpf
      epf: improving the ebpf makefile

Martin Natano (2):
      app-layer-htp, stream-tcp: prevent modulo bias in RandomGetWrap()
      eve/alert: include rule text in alert output

Mats Klepsland (22):
      unittests: initialize NSS in unittests runmode
      detect: add (mpm) keyword tls_cert_fingerprint
      doc: add documentation for tls_cert_fingerprint keyword
      app-layer-ssl: split function into multiple smaller functions
      app-layer-ssl: generate JA3 fingerprints
      util-ja3: add function to check if JA3 is disabled
      detect: add (mpm) keyword ja3_hash
      doc: add documentation for ja3_hash keyword
      detect: add (mpm) keyword ja3_string
      doc: add documentation for ja3_string keyword
      lua: add Ja3GetHash function
      doc: add documentation for Ja3GetHash Lua function
      lua: add Ja3GetString function
      doc: add documentation for Ja3GetString Lua function
      eve: add JA3 fields to TLS JSON logger
      doc: add JA3 fields to the TLS logger documentation
      conf: user-configurable umask setting
      detect-tls-cert-fingerprint: use *_Register2 API functions
      detect-tls-cert-issuer: use *_Register2 API functions
      detect-tls-cert-subject: use *_Register2 API functions
      detect-tls-cert-serial: use *_Register2 API functions
      detect-tls-sni: use *_Register2 API functions

Maurizio Abba (5):
      runmodes: fix single runmode bug with pcap
      print: Escape backslash in PrintRawUriFp
      time: Force init cached_minute_start array
      signal: use centralized pthread_sigmask for signals
      signal: enable SIGUSR2 after Reload when delayed-detect

Nick Price (1):
      rust/nfs: don't panic on malformed NFS traffic

Pascal Delalande (7):
      NSM: add TTL fields for netflow log
      dns: store flags for logging for TCP
      doc: update docs for DNS flags logging
      unix-socket: socket permission update
      doc: update filestore for file hash extraction
      rust/tftp: eve logging with rust
      doc: update eve json output for DNS and HTTP

Peter Manev (2):
      valgrind: suppressions for NIC offloading calls
      doc: add XDP setup documentation

Philippe Antoine (1):
      dnp3-gen: fix heap buffer overflow in generated code

Pierre Chifflier (20):
      applayer: add typedef for Parsing functions
      applayer: add StringToAppProto
      applayer: add registration interface for parsers
      rust/applayer: add registration iface for parsers
      rust: generate declaration for extern unsafe funcs
      rust/ntp: convert parser to new registration method
      Add support for PCAP LINKTYPE_IPV4
      Hash table: check hash array size when inserting element
      Hash table: free bucker in case of insertion error
      Rust: fix probing function prototype: change sign and add Flow
      NTP: update logger to use new API
      Rust: remove deprecated functions LoggerFlags::get_logged/set_logged
      NTP: ensure parser name is not freed after registration
      rust: update 'external' api for app layer changes
      Rust: add 'debug' feature
      SMB: use kerberos-parser to extract Real and PrincipalName
      SMB: use String::from_utf8_lossy in logging functions
      SMB: simplify code
      DER parser: fix undefined behaviors and  add missing length tests
      DER parser: ensure errcode is set for every return path

Ralph Broenink (16):
      doc: Add suricata.css to allow for some custom styling
      doc: Replace images of tables and rules with text in rules docs
      doc: Use lowercased keyword names as section titles
      doc: Meta-settings -> Meta Keywords plus some textual changes
      doc: Completely rewrite the rules introduction for more clearity
      doc: Move the definition of modifier keywords to the introduction
      doc: Moved explanation of normalized buffers to rules introduction
      doc: Move fast_pattern and prefilter to dedicated page
      doc: Move pcre entirely to Payload Keywords section
      doc: Minor changes in structuring of HTTP Keywords / Snort differences
      doc: Move flowint as integral part of flow keywords
      doc: Make the header keywords section separate sections in ToC
      doc: Restructure ToC
      doc: Move IP reputation keyword to rules section
      doc: Add my own name to the acknowledgements
      doc: Amend the list of accepted protocols

Richard Sailer (2):
      output/lua: remove unnecessary detect.h include
      output/lua: better lua output setup error handling

Ruslan Usmanov (2):
      rate_filter by_both through IPPair storage
      rate_filter: by_rule fixed triggering algorithm

Thomas Andrejak (1):
      prelude: add protocol information through JSON

Victor Julien (286):
      yaml: add 'append' to stats-log entry
      detect: error out on invalid detect.profile option
      yaml: print errors if integers are invalid
      napatech: fix minor memleak in error path
      random: support getrandom(2) if available
      random: fix random logic with getrandom
      decoder: implement IEEE802.1AH
      redis: suppress minor coverity warning
      detect-id: clean up to suppress minor coverity warning
      detect: fix port parsing memory leak
      detect-asn1: fix memory leak in error path
      detect: add debug statements for byte_extract/isdataat
      detect: implement byte_extract support for isdataat
      detect: add unittest for byte_extract/isdataat
      detect: handle very large byte_extract'ed values in isdataat
      detect: test for byte_extract/isdataat large values
      detect: don't register http_*_line twice
      install: use up to date url for 'make install-full'
      detect/profile: minor fixes
      detect/dns: fix misdetection on dns_query on udp
      Open 4.1 development branch
      pfring: various build issues
      rust: require at least libc 0.2.33
      detect: run buffer setup callback before validate
      detect: minor comment cleanup
      detect: minor cleanups
      stream: minor debug addition
      app-layer: minor cleanups and optimizations
      app-layer: cleanup: use true bool type for 'logger'
      app-layer: minor cleanup
      detect: style cleanup
      detect: constify address match functions
      detect-state: minor cleanups
      detect/mpm: minor cleanup: remove unused function arg
      detect: minor profiling cleanup
      detect: constify rule group lookup
      detect/analyzer: formatting fixup
      detect: fix flow bypass flag handling
      detect: make glob.h optional
      thresholds: simplify config parsing
      flow: optimize Flow structure layout
      output: clean up log API unittests
      mingw: service init compile warning fix
      http: allow shinking in HTPRealloc
      afl: enable afl dumps by envvar
      runmodes: config test is offline
      detect/depth: reject rules with depth smaller than content
      unittest/helpers: add helper to assign flow to packet
      detect/flowint: improve unittests
      detect/flowint: only check if packet has flow
      detect/flowint: harden code
      detect/http_start: check if 'line' is valid
      hosts: release packet references to hosts
      detect/http_host: add sid to nocase warning
      detect/http_uri: remove broken tests
      detect/uri: apply urilen contents as depth
      detect: content limits propagation
      mpm: add depth/offset support
      mpm/ac: add depth/offset support
      mpm/ac-ks: coding style fixes
      mpm/ac-ks: apply offset/depth
      detect: move unittests into tests/
      detect: move grouping/building code into own file
      detect: move keyword registration into own file
      detect: move rule loading into loader files
      configure: style fixup
      output: don't deadlock on log reopen failure
      prefilter/profile: validate end > start
      qa: add more drmemory suppressions for hyperscan
      app-layer/counters: check counter id
      pcap-directory: fix double free in error path
      doc: initial suricata-update page
      content: fix depth/within, offset/distance mix
      pfring: fix vlan handling issues
      pfring: add warning for stripped vlan header case
      pfring: minor code cleanups
      decode/vlan: don't consider ARP 'unknown'
      detect: remove old simd references
      detect/mpm: micro optimization in setup
      detect: no tcp flags in mask for pseudo packets
      app-layer: use bool for 'HasDecoderEvents'
      detect: minor cleanup
      file_data: smtp file_data to generic file_data
      file_data: unify inspect engines
      file_data: move tests into tests/
      hostbits: fix test setup
      rust: add --enable-rust-debug
      mingw: work around mingw mkdir
      mingw: fix compilation of signals code
      mingw: fix use of undefined USR2 signal
      mingw: add SCNtohl and SCNtohs macro's
      strptime: add implementation from NetBSD
      mingw: fix 'struct tm' compilation issue
      mingw: disable pid checking from pidfile
      console: no color for native windows build
      mingw: work around mingw more liberal ip parsing
      decode/mime: improve ip address validation
      ipv4: add string validation function
      ipv6: add string validation function
      mingw: use c:\Program Files\Suricata for w64
      mingw/cygwin: explicitly disable unix socket
      mingw: wrapper for usleep in threads
      mingw: fix issues in pcap directory code
      mingw: improve ipaddress parsing
      threads: avoid NULL-ptr deref in thread init wait
      scan-build: fix warning in streaming buffer
      scan-build: fix warning in radix tree
      scan-build: don't use memory wrappers
      scan-build: simplify FatalErrorOnInit macro
      detect/tos: fix memleak in error path
      detect/tos: minor cleanups
      scan-build: fix memleak warning in port parsing
      cuda: remove
      rust/mingw: fix linker issues on mingw
      rust/nfs: improve file close handling
      detect: move packet hdr inspect into util func
      detect: move detect cleanup into util func
      detect: put inspect code for MATCH-list into func
      app-layer: register per proto logger bits
      app-layer: use logger bits to avoid looping
      logging: unique id's per log direction
      output: add missing dnp3 profiling labels
      http: clean up & improve unittests
      destate: test cleanups
      threads: don't crash in slow shutdown
      stream/midstream: be more liberal with window
      thresholds: fix issues with host based thresholds
      filestore: minor cleanups and warning fixes
      flowbits: analyze and dump to json
      app-layer: detect flags API calls
      ssh: implement DetectFlags API
      smtp: implement DetectFlags API
      ssl/tls: use DetectFlags API
      http: move from MpmIDs to DetectFlags API
      rust/dns: implement detect_flags API
      dns: support detect flags
      rust/nfs: add support for detect_flags API
      detect: rewrite of the detect engine
      detect/flowbits: apply state knowledge
      app-layer: warn that MpmIDs API is no longer used
      detect/prefilter: show prefilter engine id space
      app-layer: improve async and out of order txs
      detect: fix multiple files per tx inspect
      detect/state: clean up old code
      output/file: run file loggers in both directions
      output/filedata: call loggers on both directions
      detect/fast-pattern: use registered buffers for check
      detect/profiling: postpone setup
      detect/prefilter: redo profiling
      detect: profiling update for new detect code
      detect: bypass merge sort call if possible
      detect/content: introduce startswith modifier
      detect/content: implement endswith
      threshold: minor cleanups
      detect: minor cleanup
      rust/core: comment cleanup
      rust/file: change return type for FileOpenFileWithId
      rust/file: handle file open errors
      file: use enum for state
      file: minor cleanups
      rust/nfs: fix read reply handling
      rust/filetracker: if file API return error, trunc file
      rust/nfs: explicitly handle GAPs from C
      pcre: don't leak memory in data extraction
      stream/app-layer: fix GAP handling issue
      enip: support gaps
      stream: still inspect packets dropped by stream
      stream: handle data on incomplete 3whs
      stream: set event for suspected data injection during 3whs
      http: add tests for malformed response lines
      htp: allow HTTP pickup of response data
      stream: improve overlap detection
      htp: remove usused flags
      htp: remove usused file flags
      htp: code cleanups
      htp: remove used body operation field
      htp: remove unused field from tx state
      htp: minor debug addition
      rust: don't gen C headers if Rust isn't enabled
      rust: update dependencies
      autogen/rust: remove Cargo.lock
      travis/rust: update rust minimum to 1.21
      app-layer: add tx iterator API
      nfs: remove old test code
      app-layer: remove unused HasTxDetectState call
      rust/dns: simplify tx freeing
      detect: fix out of bounds write in detect thread space creation
      der: warn if null passed to decoders
      der: fix recursion depth not being handled correctly
      detect: prep for dynamic smlists arrays in sigs
      detect: prefilter/inspect API v2, with transforms
      detect: move buffer type map into detect ctx
      content inspection: support transforms
      detect: register dynamic buffers into de_ctx
      detect/inspect engines: copy to detect engine ctx
      detect: move mpm engines into detect engine ctx
      detect/prefilter: add de_ctx to registration
      detect/prefilter: move hash into detect engine ctx
      detect/transform: initial strip_whitespace implementation
      detect/transform: initial compress_whitespace implementation
      detect/transform: initial to_sha256 implementation
      detect/http_request_line: convert to inspect api v2
      file_data: update to API v2
      detect/dns_query: move to API v2. Supports transforms.
      detect: set implied flow direction based on keywords
      detect/content: pass START/END flags to inspection
      rule analyzer: simple rules to json dumper
      detect: bsize keyword
      detect/bsize: tests for http_request_line
      flash: code cleanups
      stream: inform app layer of depth reached
      file: fix files not getting pruned
      rust/dns: fix nom verbose error mode
      rust/json: add array_append_string
      output/json: clean up CreateJSONHeader calls
      output/json: make log direction explicit
      output/json: update callers to use explicit directions
      output: fix logging wrong direction in tls upgrade
      der/afl: free data during fuzzing
      profiling: suppress debug statements
      mingw: fix compile error
      detect: fix tx iterator logic in detect
      eve: log pcap filename
      rust/smb: initial support
      smb: session setup improvements
      smb/nbss: work around bad traffic
      smb1: locking andx may have no response
      smb1: implement WRITE_AND_CLOSE
      smb: add status
      smb1: improve error handling
      smb2: add missing commands and improve ioctl err handling
      smb3: parse transform records
      smb2: improve write error handling
      smb: cleaner server component parsing
      smb1: parser cleanups
      smb: redo gap catch up handling
      smb1: minor debug improvment
      smb: remove unused dialects from state
      smb: update to der-parser 0.5.1
      smb: small cleanups, fixes and optimizations
      smb: fix event handling when no tx is available
      smb: generic event per trans/read/write for tx events
      smb1: disable 'generic tx's for common commands
      smb2: parse and log timestamps in CREATE
      smb1: parse and log timestamps in CREATE
      smb: rename file to filename in output
      smb1: set event on empty/malformed dialect
      smb: make string parsing functions public
      smb: move common parsing funcs into own file
      smb1: more exact tree connect record parsing
      smb1: generic smb string parse func
      smb1: use generic string parsing for trans
      smb1: log create 'service' fields
      smb: log create empty filename as '<share_root>' like Bro does
      smb2: log share type
      smb2: log client and server guid from negotiate
      smb1: extract server guid from negotiate
      smb: disable debug output
      smb: use formal MS names for disposition
      smb2: map ioctl funcs to names
      smb2: add ioctl transactions to log the funcs
      smb2: parse async records
      smb2: break out ioctl handling
      smb: add smb to default eve-log config
      rust/smb: improve protocol detection
      rust/smb: implement minimal record parsing in probing
      smb: improve nbss/smb record detection
      smb1: ignore tree_id in session setup
      smb1: improve non nt-status handling
      smb: add smb records to fileinfo
      smb: log file FID/GUID as fuid
      smb2: don't log/track each READ/WRITE/etc
      smb1: add OPEN_ANDX command name for logging
      smb: share can't be <share_root>
      rust/dns: default to eve log version 2 for rust
      smb: if filename is missing, use '<unknown>'
      smb2: log renames
      smb1: add parsing for RENAME command
      smb1: extract rename info from TRANS2
      smb: suppress notice messages
      der: don't overwrite errcode
      nfs: minor cleanup
      nfs/rpc: improve RPCv2 parser, add GssApi
      threshold: don't touch globals after init
      doc: fix http_header_names example
      changelog: update for 4.1.0-beta1

Wolfgang Hotwagner (12):
      conf: fix NULL-pointer dereference in ParseSizeString
      conf: fix NULL-pointer dereference in ConfGetInt
      conf: fix NULL-pointer dereference in CoredumpLoadConfig
      conf: stack-based buffer-overflow in ParseFilename
      conf: Memory-leak in DetectAddressTestConfVars
      conf: NULL-pointer dereference in ConfUnixSocketIsEnable
      conf: use of NULL-pointer in DetectLoadCompleteSigPath
      conf: multiple NULL-pointer dereferences in FlowInitConfig
      conf: multiple NULL-pointer dereferences in StreamTcpInitConfig
      Conf: Multipe NULL-pointer dereferences in HostInitConfig
      Conf: Multipe NULL-pointer dereferences after ConfGetBool in StreamTcpInitConfig
      Conf: Multipe NULL-pointer dereferences in PostConfLoadedSetup

jason taylor (1):
      updated links to suricata.readthedocs.io



More information about the Oisf-devel mailing list