Suricata 1.3.6 available!

The OISF development team is pleased to announce Suricata 1.3.6. This the last maintenance release of Suricata 1.3 with some important fixes.

Because of the fixes below, upgrading is highly recommended.



  • fix decoder event rules not checked in all cases (#671)
  • checksum detection for icmpv6 was fixed (#673)
  • crash in HTTP server body inspection code fixed (#675)
  • fixed a icmpv6 payload bug (#676)
  • IP-only rule ip_proto not matching for some protocols was addressed (#690)
  • fixed malformed yaml crashing suricata (#702)
  • parsing ipv6 address/subnet parsing in thresholding was fixed by Jamie Strandboge (#717)
  • crash in tls parser was fixed (#759)
  • fixed UDPv4 packets without checksum being detected as invalid (#762)
  • fixed DCE/SMB parsers getting confused in some fragmented cases (#763)

Special thanks

  • Jamie Strandboge

Known issues & missing features

If you encounter issues, please let us know! As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on.

See for an up to date list and to report new issues. See for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.

Comments (1)

Comments are closed.