[Oisf-users] Suricata 4.0.0-rc1 ready for testing!
Victor Julien
victor at inliniac.net
Wed Jun 28 15:53:08 UTC 2017
We are proud to announce that the first release candidate for the
upcoming *Suricata 4.0.0* is ready for your testing. Since the beta1
release we've received much valuable feedback, leading to lots of fixed
issues.
Notable changes: initial merge of Pierre Chifflier's Rust parsers work.
This uses external Rust parser 'crates' and is enabled by using
--enable-rust-experimental. This is even more experimental than
--enable-rust, so use with care. Initially this adds an NTP parser.
The NFS parser adds support for catching up after packet loss, adds UDP
support and basic NFSv2 support.
EVE was extended to optionally log the HTTP request and/or response
bodies. Also new in EVE, the (partial) flow record is added to alert
records.
We're aiming for a final 4.0.0 release one month from now. If needed, an
rc2 release may be added to the schedule. Please help us test!
Get the release from
https://www.openinfosecfoundation.org/download/suricata-4.0.0-rc1.tar.gz
*Changes*
Feature #2095: eve: http body in alert event
Feature #2131: nfs: implement GAP support
Feature #2156: Add app_proto or partial flow entry to alerts
Feature #2163: ntp parser
Feature #2164: rust: external parser crate support
Bug #1930: Segfault when event rule is invalid
Bug #2038: validate app-layer API use
Bug #2109: asn1: keyword memleak
Bug #2141: 4.0.0-dev (rev 8ea9a5a) segfault
Bug #2143: Bypass cause missing alert on packets only signatures
Bug #2144: rust: panic in dns/tcp
Bug #2148: rust/dns: panic on malformed rrnames
Bug #2153: starttls 'tunnel' packet issue - nfq_handle_packet error -1
Bug #2154: Dynamic stack overflow in payload printable output
Bug #2155: AddressSanitizer double-free error
Bug #2157: Compilation Issues Beta 4.0
Bug #2158: Suricata v4.0.0-beta1 dns_query; segmentation fault
Bug #2159: http: 2221028 triggers on underscore in hostname
Bug #2160: openbsd: pcap with raw datalink not supported
Bug #2161: libhtp 0.5.25
Bug #2165: rust: releases should include crate dependencies (cargo-vendor)
*Special thanks*
Pierre Chifflier, Selivanov Pavel, Giuseppe Longo
*Trainings*
Developer Training in Cork, Ireland. September 11 to 15:
https://www.eventbrite.com/e/5-day-suricata-developer-training-ireland-tickets-33676049972
Hosted by FireEye.
User Training at SuriCon 2017, in Prague:
https://www.eventbrite.com/e/2-day-suricata-training-suricon-2017-tickets-32303327121
*SuriCon2017*
Come meet the Suricata community and development team to discuss all
things Suricata at the third edition of the annual Suricata Conference.
SuriCon 2017 will be in November in Prague: https://suricon.net
*About Suricata*
Suricata is a high performance Network Threat Detection, IDS, IPS and
Network Security Monitoring engine. Open Source and owned by a community
run non-profit foundation, the Open Information Security Foundation
(OISF). Suricata is developed by the OISF, its supporting vendors and
the community.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------