Suricata 4.0.4 available!


We are pleased to announce Suricata 4.0.4. This is a security update that fixes a number of security issues, as well as a fair number of regular issues.


CVE-2018-6794 was requested for issue #2440


  • Bug #2306: suricata 4 deadlocks during failed output log reopening
  • Bug #2361: rule reload hangup
  • Bug #2389: BUG_ON asserts in AppLayerIncFlowCounter (4.0.x)
  • Bug #2392: libhtp 0.5.26 (4.0.x)
  • Bug #2422: [4.0.3] af_packet: a leak that (possibly) breaks an inline channel
  • Bug #2438: various config parsing issues
  • Bug #2439: Fix timestamp offline when pcap timestamp is zero (4.0.x)
  • Bug #2440: stream engine bypass issue (4.0.x)
  • Bug #2441: der parser: bad input consumes cpu and memory (4.0.x)
  • Bug #2443: DNP3 memcpy buffer overflow (4.0.x)
  • Bug #2444: rust/dns: Core Dump with malformed traffic (4.0.x)
  • Bug #2445: http bodies / file_data: thread space creation writing out of bounds


Special thanks

Wolfgang Hotwagner, Kirill Shipulin, Pierre Chifflier, Alexander Gozman, Martin Natano, Maurizio Abba, Nick Price, Philippe Antoine, AFL

SuriCon 2018

Call for presentations is open and tickets for SuriCon 2018 are available:

About Suricata

Suricata is a high-performance Network Threat Detection, IDS, IPS and Network Security Monitoring engine. It is open source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.
