[Oisf-users] Suricata 4.1.6 released

Victor Julien vjulien at oisf.net
Fri Dec 13 15:22:07 UTC 2019


We're pleased to announce *Suricata 4.1.6*. This release fixes a number
of issues found in the 4.1 branch.

This release fixes a number of IPv4 and TCP evasion issues reported by
Nicolas Adba.

Get the release here:
https://www.openinfosecfoundation.org/download/suricata-4.1.6.tar.gz

*Changes*

Bug #3276: address parsing: memory leak in error path (4.1.x)
Bug #3278: segfault when test a nfs pcap file (4.1.x)
Bug #3279: ikev2 enabled in config even if Rust is disabled
Bug #3325: lua issues on arm (fedora:29) (4.1.x)
Bug #3326: Static build with pcap fails (4.1.x)
Bug #3327: tcp: empty SACK option leads to decoder event (4.1.x)
Bug #3347: BPF filter on command line not honored for pcap file (4.1.x)
Bug #3355: DNS: DNS over TCP transactions logged with wrong direction. (4.1.x)
Bug #3356: DHCP: Slow down over time due to lack of detect flags (4.1.x)
Bug #3369: byte_extract does not work in some situations (4.1.x)
Bug #3385: fast-log: icmp type prints wrong value (4.1.x)
Bug #3387: suricata is logging tls log repeatedly if custom mode is enabled (4.1.x)
Bug #3388: TLS Lua output does not work without TLS log (4.1.x)
Bug #3391: Suricata is unable to get MTU from NIC after 4.1.0 (4.1.x)
Bug #3393: http: pipelining tx id handling broken (4.1.x)
Bug #3394: TCP evasion technique by overlapping a TCP segment with a fake packet (4.1.x)
Bug #3395: TCP evasion technique by faking a closed TCP session (4.1.x)
Bug #3402: smb: post-GAP some transactions never close (4.1.x)
Bug #3403: smb1: 'event only' transactions for bad requests never close (4.1.x)
Bug #3404: smtp: file tracking issues when more than one attachment in a tx (4.1.x)
Bug #3405: Filehash rule does not fire without filestore keyword
Bug #3410: intermittent abort()s at shutdown and in unix-socket (4.1.x)
Bug #3412: detect/asn1: crashes on packets smaller than offset setting (4.1.x)
Task #3367: configure: Rust 1.37+ has cargo-vendor support bundled into cargo (4.1.x)
Bundle Suricata-Update 1.0.6
Bundle Libhtp 0.5.32


*Special thanks*

Nicolas Adba, Mats Klepsland, Fabrice Fontaine


*Trainings*

See https://suricata_events.eventbrite.com/ for the current list of
planned training sessions.


*About Suricata*

Suricata is a high performance Network Threat Detection, IDS, IPS and
Network Security Monitoring engine. Open source and owned by a community
run non-profit foundation, the Open Information Security Foundation
(OISF). Suricata is developed by OISF, its supporting vendors and the
community.
-- 
Victor Julien
Suricata Lead Developer
suricata-ids.org

