Suricata 4.0.4 available!


We are pleased to announce Suricata 4.0.4.  This is a security update fixing a number of security issues, as well as a fair number of regular issues.


CVE-2018-6794 was requested for issue #2440


  • Bug #2306: suricata 4 deadlocks during failed output log reopening
  • Bug #2361: rule reload hangup
  • Bug #2389: BUG_ON asserts in AppLayerIncFlowCounter (4.0.x)
  • Bug #2392: libhtp 0.5.26 (4.0.x)
  • Bug #2422: [4.0.3] af_packet: a leak that (possibly) breaks an inline channel
  • Bug #2438: various config parsing issues
  • Bug #2439: Fix timestamp offline when pcap timestamp is zero (4.0.x)
  • Bug #2440: stream engine bypass issue (4.0.x)
  • Bug #2441: der parser: bad input consumes cpu and memory (4.0.x)
  • Bug #2443: DNP3 memcpy buffer overflow (4.0.x)
  • Bug #2444: rust/dns: Core Dump with malformed traffic (4.0.x)
  • Bug #2445: http bodies / file_data: thread space creation writing out of bounds


Special thanks

Wolfgang Hotwagner, Kirill Shipulin, Pierre Chifflier, Alexander Gozman, Martin Natano, Maurizio Abba, Nick Price, Philippe Antoine, AFL

SuriCon 2018

Call for presentations is open and tickets for SuriCon 2018 are available:

About Suricata

Suricata is a high performance Network Threat Detection, IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.