We are pleased to announce Suricata 4.0.5. This security update fixes a number of security issues, as well as a fair number of regular issues.
Security
CVE-2018-10242, CVE-2018-10244 (suricata)
CVE-2018-10243 (libhtp)
Changes
- Bug #2480: http eve log data source/dest flip (4.0.x)
- Bug #2482: HTTP connect: difference in detection rates between 3.1 and 4.0.x
- Bug #2531: yaml: ConfYamlHandleInclude memleak (4.0.x)
- Bug #2532: memleak: when using app-layer event rules without rust
- Bug #2533: Suricata gzip unpacker bypass (4.0.x)
- Bug #2534: Suricata stops inspecting TCP stream if a TCP RST was met (4.0.x)
- Bug #2535: Messages with SC_LOG_CONFIG level are logged to syslog with EMERG priority (4.0.x)
- Bug #2537: libhtp 0.5.27 (4.0.x)
- Bug #2540: getrandom prevents any suricata start commands on more later OS’s (4.0.x)
- Bug #2544: ssh out of bounds read (4.0.x)
- Bug #2545: enip out of bounds read (4.0.x)
Download
https://www.openinfosecfoundation.org/download/suricata-4.0.5.tar.gz
Special thanks
Henning Perl, Kirill Shipulin, Alexander Gozman, Elazar Broad, Pierre Chifflier, Maurizio Abba, Renato Botelho
Trainings
Check out the latest training offerings at https://suricata-ids.org/training/
SuriCon 2018
The SuriCon 2018 Vancouver agenda is up! https://suricon.net/agenda-vancouver/
About Suricata
Suricata is a high-performance Network Threat Detection, IDS, IPS and Network Security Monitoring engine. It is open source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.