Suricata 4.0.5 available!


We are pleased to announce Suricata 4.0.5. This is a security update that fixes a number of security issues, as well as a fair number of regular issues.


CVE-2018-10242, CVE-2018-10244 (suricata)
CVE-2018-10243 (libhtp)


  • Bug #2480: http eve log data source/dest flip (4.0.x)
  • Bug #2482: HTTP connect: difference in detection rates between 3.1 and 4.0.x
  • Bug #2531: yaml: ConfYamlHandleInclude memleak (4.0.x)
  • Bug #2532: memleak: when using app-layer event rules without rust
  • Bug #2533: Suricata gzip unpacker bypass (4.0.x)
  • Bug #2534: Suricata stops inspecting TCP stream if a TCP RST was met (4.0.x)
  • Bug #2535: Messages with SC_LOG_CONFIG level are logged to syslog with EMERG priority (4.0.x)
  • Bug #2537: libhtp 0.5.27 (4.0.x)
  • Bug #2540: getrandom prevents any suricata start commands on more later OS’s (4.0.x)
  • Bug #2544: ssh out of bounds read (4.0.x)
  • Bug #2545: enip out of bounds read (4.0.x)


Special thanks

Henning Perl, Kirill Shipulin, Alexander Gozman, Elazar Broad, Pierre Chifflier, Maurizio Abba, Renato Botelho


Check out the latest training offerings at

SuriCon 2018

SuriCon 2018 Vancouver agenda is up!

About Suricata

Suricata is a high-performance Network Threat Detection, IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.