Suricata 1.4.6 released!

Photo by Eric LeblondThe OISF development team is pleased to announce Suricata 1.4.6. This is a small but important update over the 1.4.5 release, addressing some important issues.

Get the new release here: suricata-1.4.6.tar.gz

Fixes

  • Bug 958: malformed SSL records leading to crash. Reported by Sebastian Roschke. CVE-2013-5919.
  • Bug 971: AC pattern matcher out of bounds memory read.
  • Bug 965: improve negated content handling. Reported by Will Metcalf.
  • Bug 937: fix IPv6-in-IPv6 decoding.
  • Bug 934: improve address parsing.
  • Bug 969: fix unified2 not logging tagged packets.

Special thanks

  • Sebastian Roschke
  • Will Metcalf

Security

  • CVE-2013-5919

Known issues & missing features

As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on.

See issues for an up to date list and to report new issues. See Known_issues for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.