[Oisf-users] Suricata 4.0.6 available

Victor Julien victor at inliniac.net
Tue Nov 6 15:34:51 UTC 2018

We're pleased to announce *Suricata 4.0.6*. This is a security update
fixing a SMTP crash issue, as well as a fair number of regular issues.

Get the release here:


Bug #2568: negated fileext and filename do not work as expected (4.0.x)
Bug #2576: filemd5 is not fired in some cases when there are invalid packets
Bug #2607: File descriptor leak in af-packet mode (4.0.x)
Bug #2634: Improve errors handling in AF_PACKET (4.0.x)
Bug #2658: smtp segmentation fault (4.0.x)
Bug #2664: libhtp 0.5.28 (4.0.x)
Support #2512: http events - Weird unicode characters and truncation in
some of http_method/http_user_agent fields
Support #2546: Suricata 4.0.x blocking issues


SMTP crash issue was fixed: CVE-2018-18956

*Special thanks*

Maurizio Abba, Sean Cloherty


Check out the latest training offerings at


SuriCon 2018 Vancouver is next week and it's still possible to join!

*About Suricata*

Suricata is a high performance Network Threat Detection, IDS, IPS and
Network Security Monitoring engine. Open source and owned by a community
run non-profit foundation, the Open Information Security Foundation
(OISF). Suricata is developed by OISF, its supporting vendors and the
Victor Julien
PGP: http://www.inliniac.net/victorjulien.asc

More information about the Oisf-users mailing list