Because of the fixes below, upgrading is highly recommended.
- fix decoder event rules not checked in all cases (#671)
- checksum detection for icmpv6 was fixed (#673)
- crash in HTTP server body inspection code fixed (#675)
- fixed a icmpv6 payload bug (#676)
- IP-only rule ip_proto not matching for some protocols was addressed (#690)
- fixed malformed yaml crashing suricata (#702)
- parsing ipv6 address/subnet parsing in thresholding was fixed by Jamie Strandboge (#717)
- crash in tls parser was fixed (#759)
- fixed UDPv4 packets without checksum being detected as invalid (#762)
- fixed DCE/SMB parsers getting confused in some fragmented cases (#763)
- Jamie Strandboge
Known issues & missing features
If you encounter issues, please let us know! As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on.
See http://redmine.openinfosecfoundation.org/projects/suricata/issues for an up to date list and to report new issues. See http://redmine.openinfosecfoundation.org/projects/suricata/wiki/Known_issues for a discussion and time line for the major issues.
Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.