[Oisf-users] Suricata 4.1.4 released

Victor Julien victor at inliniac.net
Tue Apr 30 12:51:29 UTC 2019

We're pleased to announce *Suricata 4.1.4*. This security release fixes
a number of issues found in the 4.1 branch.

Get the release here:


Bug #2870: pcap logging with lz4 coverity warning
Bug #2883: ssh: heap buffer overflow
Bug #2884: mpls: heapbuffer overflow in file decode-mpls.c
Bug #2887: decode-ethernet: heapbuffer overflow in file decode-ethernet.c
Bug #2888: 4.1.3 core in HCBDCreateSpace
Bug #2894: smb 1 create andx request does not parse the filename correctly
Bug #2902: rust/dhcp: panic in dhcp parser
Bug #2903: mpls: cast of misaligned data leads to undefined behavior
Bug #2904: rust/ftp: panic in ftp parser
Bug #2943: rust/nfs: integer underflow
This release includes Suricata-Update 1.0.5

*Special thanks*

Alexander Bluhm, Giuseppe Longo, Max Fillinger, Wesley van der Ree,
Jason Taylor
Sirko Höer -- Code Intelligence GmbH, DCSO.


See https://suricata_events.eventbrite.com/ for the current list of
planned training sessions.


The CFP for Suricon 2019 is open! Submit your talk proposal at:

*About Suricata*

Suricata is a high performance Network Threat Detection, IDS, IPS and
Network Security Monitoring engine. Open source and owned by a community
run non-profit foundation, the Open Information Security Foundation
(OISF). Suricata is developed by OISF, its supporting vendors and the

Victor Julien
PGP: http://www.inliniac.net/victorjulien.asc

More information about the Oisf-users mailing list