We are pleased to announce Suricata 4.0.4. This security update fixes a number of security issues as well as a fair number of regular issues.
Security
CVE-2018-6794 was requested for issue #2440
Changes
- Bug #2306: suricata 4 deadlocks during failed output log reopening
- Bug #2361: rule reload hangup
- Bug #2389: BUG_ON asserts in AppLayerIncFlowCounter (4.0.x)
- Bug #2392: libhtp 0.5.26 (4.0.x)
- Bug #2422: [4.0.3] af_packet: a leak that (possibly) breaks an inline channel
- Bug #2438: various config parsing issues
- Bug #2439: Fix timestamp offline when pcap timestamp is zero (4.0.x)
- Bug #2440: stream engine bypass issue (4.0.x)
- Bug #2441: der parser: bad input consumes cpu and memory (4.0.x)
- Bug #2443: DNP3 memcpy buffer overflow (4.0.x)
- Bug #2444: rust/dns: Core Dump with malformed traffic (4.0.x)
- Bug #2445: http bodies / file_data: thread space creation writing out of bounds
Download
https://www.openinfosecfoundation.org/download/suricata-4.0.4.tar.gz
Special thanks
Wolfgang Hotwagner, Kirill Shipulin, Pierre Chifflier, Alexander Gozman, Martin Natano, Maurizio Abba, Nick Price, Philippe Antoine, AFL
SuriCon 2018
The call for presentations is open and tickets for SuriCon 2018 are available: https://suricon.net/
About Suricata
Suricata is a high-performance Network Threat Detection, IDS, IPS and Network Security Monitoring engine. It is open source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.