[Oisf-users] Suricata 4.0.5 released
Victor Julien
victor at inliniac.net
Wed Jul 18 10:30:30 UTC 2018
We're pleased to announce *Suricata 4.0.5*. This is a security update
fixing a number of security issues, as well as a fair number of regular
issues.
Get the release here:
https://www.openinfosecfoundation.org/download/suricata-4.0.5.tar.gz
*Changes*
Bug #2480: http eve log data source/dest flip (4.0.x)
Bug #2482: HTTP connect: difference in detection rates between 3.1 and 4.0.x
Bug #2531: yaml: ConfYamlHandleInclude memleak (4.0.x)
Bug #2532: memleak: when using app-layer event rules without rust
Bug #2533: Suricata gzip unpacker bypass (4.0.x)
Bug #2534: Suricata stops inspecting TCP stream if a TCP RST was met (4.0.x)
Bug #2535: Messages with SC_LOG_CONFIG level are logged to syslog with
EMERG priority (4.0.x)
Bug #2537: libhtp 0.5.27 (4.0.x)
Bug #2540: getrandom prevents any suricata start commands on more later
OS's (4.0.x)
*Security*
CVE-2018-10242, CVE-2018-10244 (suricata)
CVE-2018-10243 (libhtp)
*Special thanks*
Henning Perl, Kirill Shipulin, Alexander Gozman, Elazar Broad, Pierre
Chifflier, Maurizio Abba, Renato Botelho
*Trainings*
Check out the latest training offerings at
https://suricata-ids.org/training/
*SuriCon*
SuriCon 2018 Vancouver agenda is up! https://suricon.net/agenda-vancouver/
*About Suricata*
Suricata is a high performance Network Threat Detection, IDS, IPS and
Network Security Monitoring engine. Open Source and owned by a community
run non-profit foundation, the Open Information Security Foundation
(OISF). Suricata is developed by the OISF, its supporting vendors and
the community.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list