[Oisf-users] Suricata 4.1.6 released

Victor Julien vjulien at oisf.net
Fri Dec 13 15:22:07 UTC 2019

We're pleased to announce *Suricata 4.1.6*. This release fixes a number
of issues found in the 4.1 branch.

This release fixes a number of IPv4 and TCP evasion issues reported by
Nicolas Adba.

Get the release here:


Bug #3276: address parsing: memory leak in error path (4.1.x)
Bug #3278: segfault when test a nfs pcap file (4.1.x)
Bug #3279: ikev2 enabled in config even if Rust is disabled
Bug #3325: lua issues on arm (fedora:29) (4.1.x)
Bug #3326: Static build with pcap fails (4.1.x)
Bug #3327: tcp: empty SACK option leads to decoder event (4.1.x)
Bug #3347: BPF filter on command line not honored for pcap file (4.1.x)
Bug #3355: DNS: DNS over TCP transactions logged with wrong direction.
Bug #3356: DHCP: Slow down over time due to lack of detect flags (4.1.x)
Bug #3369: byte_extract does not work in some situations (4.1.x)
Bug #3385: fast-log: icmp type prints wrong value (4.1.x)
Bug #3387: suricata is logging tls log repeatedly if custom mode is
enabled (4.1.x)
Bug #3388: TLS Lua output does not work without TLS log (4.1.x)
Bug #3391: Suricata is unable to get MTU from NIC after 4.1.0 (4.1.x)
Bug #3393: http: pipelining tx id handling broken (4.1.x)
Bug #3394: TCP evasion technique by overlapping a TCP segment with a
fake packet (4.1.x)
Bug #3395: TCP evasion technique by faking a closed TCP session (4.1.x)
Bug #3402: smb: post-GAP some transactions never close (4.1.x)
Bug #3403: smb1: 'event only' transactions for bad requests never close
Bug #3404: smtp: file tracking issues when more than one attachment in a
tx (4.1.x)
Bug #3405: Filehash rule does not fire without filestore keyword
Bug #3410: intermittent abort()s at shutdown and in unix-socket (4.1.x)
Bug #3412: detect/asn1: crashes on packets smaller than offset setting
Task #3367: configure: Rust 1.37+ has cargo-vendor support bundled into
cargo (4.1.x)
Bundle Suricata-Update 1.0.6
Bundle Libhtp 0.5.32

*Special thanks*

Nicolas Adba, Mats Klepsland, Fabrice Fontaine


See https://suricata_events.eventbrite.com/ for the current list of
planned training sessions.

*About Suricata*

Suricata is a high performance Network Threat Detection, IDS, IPS and
Network Security Monitoring engine. Open source and owned by a
community-run non-profit foundation, the Open Information Security Foundation
(OISF). Suricata is developed by OISF, its supporting vendors and the

Victor Julien
Suricata Lead Developer
