The OISF development team is proud to announce Suricata 2.0.3. This release fixes a number of issues in the 2.0 series. Most importantly, this release addresses a number of IPv6 issues that can lead to evasion. Bugs discovered by Rafael Schaefer working with ERNW GmbH.
Get the new release here: http://www.openinfosecfoundation.org/download/suricata-2.0.3.tar.gz
- Bug #1236: fix potential crash in http parsing
- Bug #1244: ipv6 defrag issue
- Bug #1238: Possible evasion in stream-tcp-reassemble.c
- Bug #1221: lowercase conversion table missing last value
- Support #1207: Cannot compile on CentOS 5 x64 with –enable-profiling
- Updated bundled libhtp to 0.5.15
We’d like to thank the following people and corporations for their contributions and feedback:
- Ken Steele — Tilera
- Rafael Schaefer working with ERNW GmbH
- Antonios Atlasis working with ERNW GmbH
- Alexander Gozman
- Ivan Ristic
Known issues & missing features
If you encounter issues, please let us know! As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on. See issues for an up to date list and to report new issues. See Known_issues for a discussion and time line for the major issues.
Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.