[Oisf-users] Please help us test Suricata 5.0.0-rc1
Tiago Faria
tiago.faria.backups at gmail.com
Tue Sep 24 17:54:10 UTC 2019
Hi Victor,
Safe to assume that Peter’s daily build PPA[0] is also in scope for testing
right?
Just makes it easier to keep up with the latest changes.
Thank you.
[0] - https://launchpad.net/~oisf/+archive/ubuntu/suricata-daily
On Tue, 24 Sep 2019 at 15:31, Victor Julien <vjulien at oisf.net> wrote:
> We are looking for testers for a new development release in the Suricata
> 5 series: Suricata 5.0.0-rc1. Please help us test so we can release the
> final on October 15th.
>
> Curious about what's new? Here are the highlights:
>
>
> RDP, SNMP, FTP and SIP
>
> Three new protocol parsers and loggers, both community contributions.
> Zach Kelley created a Rust RDP parser, while Giuseppe Longo created SIP
> support. Rust master Pierre Chifflier contributed SNMP support. Since
> RDP and SIP were merged late in our development cycle they are disabled
> by default in the configuration. For FTP we have added an EVE logging
> facility.
>
> JA3S
>
> After contributing JA3 support in Suricata 4.1, Mats Klepsland has been
> working on JA3S support. JA3S is now available to the rule language and
> in the TLS logging output.
>
>
> eBPF/XDP
>
> Eric Leblond has been working hard on getting hardware offload support
> working for eBPF. On Netronome cards the eBPF based flow bypass can now
> be offloaded to the NIC.
>
>
> Datasets
>
> Still experimental at this time, the initial work to support datasets is
> part of this release. It allows matching on large amounts of data. It is
> controlled from the rule language and will work with any 'sticky
> buffer'.
> https://suricata.readthedocs.io/en/suricata-5.0.0-rc1/rules/datasets.html
>
>
> HTTP evader
>
> We've been working hard to cover the final set of HTTP evader cases.
> This work has mostly gone into the bundled libhtp 0.5.31.
>
>
> More 5.0 changes
>
> Please see the beta1 announcement for many more changes in the upcoming
> 5.0 release:
>
> https://suricata-ids.org/2019/04/30/call-for-testing-announcing-suricata-5-0-0-beta1/
>
> For a complete list of closed tickets in 5.0.0-rc1, please see
> https://redmine.openinfosecfoundation.org/versions/128
>
>
> Release schedule
>
> This release has been delayed quite a bit. We had originally hoped to
> have it ready for you in July. This means that to get the final out
> before Suricon next month we have quite an aggressive schedule. We want
> to release the final no later than October 15th. We can use all the help
> we can get with testing and polishing to meet that goal. Thanks in advance!
>
> Download from:
> https://www.openinfosecfoundation.org/downloads/suricata-5.0.0-rc1.tar.gz
>
> --
> Victor Julien
> Suricata Lead Developer
> suricata-ids.org
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/