[Oisf-users] Suricata 4.0.0-rc1 ready for testing!

oisf countersnipe.com oisf at countersnipe.com
Wed Jun 28 17:39:50 UTC 2017


Hi Victor

Thank you for the updates. Is there some more detail on 
'Feature #1636: Signal rotation of unified2 log file without restart'
in terms of what it replaces/offers as new?

Thanks in advance.
Amar

On June 28, 2017 at 11:53 AM Victor Julien <victor at inliniac.net> wrote:
> 
> 
> We are proud to announce that the first release candidate for the
> upcoming *Suricata 4.0.0* is ready for your testing. Since the beta1
> release we've received much valuable feedback, leading to lots of fixed
> issues.
> 
> Notable changes: initial merge of Pierre Chifflier's Rust parsers work.
> This uses external Rust parser 'crates' and is enabled by using
> --enable-rust-experimental. This is even more experimental than
> --enable-rust, so use with care. Initially this adds an NTP parser.
> 
> The NFS parser adds support for catching up after packet loss, adds UDP
> support and basic NFSv2 support.
> 
> EVE was extended to optionally log the HTTP request and/or response
> bodies. Also new in EVE, the (partial) flow record is added to alert
> records.
> 
> We're aiming for a final 4.0.0 release one month from now. If needed, an
> rc2 release may be added to the schedule. Please help us test!
> 
> Get the release from
> https://www.openinfosecfoundation.org/download/suricata-4.0.0-rc1.tar.gz
> 
> 
> *Changes*
> 
> Feature #2095: eve: http body in alert event
> Feature #2131: nfs: implement GAP support
> Feature #2156: Add app_proto or partial flow entry to alerts
> Feature #2163: ntp parser
> Feature #2164: rust: external parser crate support
> Bug #1930: Segfault when event rule is invalid
> Bug #2038: validate app-layer API use
> Bug #2109: asn1: keyword memleak
> Bug #2141: 4.0.0-dev (rev 8ea9a5a) segfault
> Bug #2143: Bypass cause missing alert on packets only signatures
> Bug #2144: rust: panic in dns/tcp
> Bug #2148: rust/dns: panic on malformed rrnames
> Bug #2153: starttls 'tunnel' packet issue - nfq_handle_packet error -1
> Bug #2154: Dynamic stack overflow in payload printable output
> Bug #2155: AddressSanitizer double-free error
> Bug #2157: Compilation Issues Beta 4.0
> Bug #2158: Suricata v4.0.0-beta1 dns_query; segmentation fault
> Bug #2159: http: 2221028 triggers on underscore in hostname
> Bug #2160: openbsd: pcap with raw datalink not supported
> Bug #2161: libhtp 0.5.25
> Bug #2165: rust: releases should include crate dependencies (cargo-vendor)
> 
> 
> *Special thanks*
> 
> Pierre Chifflier, Selivanov Pavel, Giuseppe Longo
> 
> 
> *Trainings*
> 
> Developer Training in Cork, Ireland. September 11 to 15:
> https://www.eventbrite.com/e/5-day-suricata-developer-training-ireland-tickets-33676049972
> Hosted by FireEye.
> 
> User Training at SuriCon 2017, in Prague:
> https://www.eventbrite.com/e/2-day-suricata-training-suricon-2017-tickets-32303327121
> 
> 
> *SuriCon2017*
> 
> Come meet the Suricata community and development team to discuss all
> things Suricata at the third edition of the annual Suricata Conference.
> SuriCon 2017 will be in November in Prague: https://suricon.net
> 
> 
> *About Suricata*
> 
> Suricata is a high performance Network Threat Detection, IDS, IPS and
> Network Security Monitoring engine. Open Source and owned by a community
> run non-profit foundation, the Open Information Security Foundation
> (OISF). Suricata is developed by the OISF, its supporting vendors and
> the community.
> -- 
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
> 
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users


