Suricata 1.4.2 released!

Photo by Eric LeblondThe OISF development team is proud to announce Suricata 1.4.2. This is a minor update over the 1.4 release, fixing some important bugs.

Get the new release here: suricata-1.4.2.tar.gz

Improvements

  • No longer force “nocase” to be used on http_host
  • Invalidate rule if uppercase content is used for http_host w/o nocase
  • Warn user if bpf is used in af-packet IPS mode
  • Better test for available libjansson version

Fixes

  • Fixed accuracy issues with relative pcre matching (#784)
  • Improved accuracy of file_data keyword (#788)
  • Invalidate negative depth (#770)
  • Fix http host parsing for IPv6 addresses (#761)
  • Fix fast.log formatting issues (#773)
  • Fixed deadlock in flowvar set code for http buffers (#801)
  • Various signature ordering improvements
  • Minor stream engine fix

Special thanks

  • Ivan Ristic
  • Rmkml
  • Will Metcalf

Known issues & missing features

As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on.

See issues for an up to date list and to report new issues. See Known_issues for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.

Tags: , , , , , , , ,