Suricata 3.2.4 available!

suri-400x400

We are pleased to announce Suricata 3.2.4. This a security update fixing important issues. Additionally, it fixes various minor issues.

Changes

  • Bug #2241: smb dcerpc segfaults in StubDataParser (3.2.x)
  • Bug #2231: Redundant content checks may cause Suricata DoS condition on a insignificant traffic rate
  • Bug #2214: detect state uses broken offset logic
  • Bug #2234: TLS rule mixes up server and client certificates (3.2.x)
  • Bug #2235: DNS UDP “Response” parsing recording an incorrect timestamp (3.2.x)
  • Bug #2236: af_packet: suricata leaks memory with use-mmap enabled and incorrect BPF filter (3.2.x)
  • Bug #2237: Redis output: add RPUSH support (3.2.x)
  • Bug #2238: detect duplicate ‘meta’ keywords (3.2.x)
  • Bug #2239: documentation does not reflect current suricata.yaml regarding cpu-affinity (3.2.x)
  • Bug #2242: improve error message if stream memcap too low (3.2.x)
  • Bug #2243: enforcing specific number of threads with autofp does not seem to work (3.2.x)

Download

https://www.openinfosecfoundation.org/download/suricata-3.2.4.tar.gz

End of life announcement

The 3.2 branch will be end-of-life in 2 months, so on December 18. After this it will receive no more updates of any kind, so please plan for your upgrade to Suricata 4.0+ before that date.

https://suricata-ids.org/about/eol-policy/

Special thanks

Jack Covington, Kirill Shipulin – Positive Technologies, Qidu Sy, Mats Klepsland, Derek Kingsbury, Julian Wecke, Alexander Gozman, AFL project, Coverity Scan

Trainings

Conference attendees get a 20% discount!

SuriCon 2017

Less than one month to SuriCon 2017! Come meet the Suricata community and development team to discuss all things Suricata at the third edition of the annual Suricata Conference. SuriCon 2017 will be next month in Prague: https://suricon.net

About Suricata

Suricata is a high performance Network Threat Detection, IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.

Tags: , , , , ,

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s